31 C
Jaipur
Monday, October 19, 2020

New malware infects Android TVs, IoT devices in 84 nations – Latest News

Must read

Pop!_OS 20.04 Review: The Best Ubuntu-based Distro!

The Linux distro world is getting better each day, thanks to developers’ immense dedication. The OS sure has come a long way from people...

VOIP Service Provider Exposes 350M Customer Records

A database of over 350 million customer records exposed from unsecured Elasticsearch cluster belonging to voice over-internet-protocol company Broadvoice. The database was uncovered by security...

LG May Not Launch Snapdragon 875-Powered Phone in the First Half of 2021

LG is one of the OEMs that usually refreshes its flagship phones with the latest Qualcomm chips. While Qualcomm is all set to unveil...

Got Kids? Limit Computer Usage Per Account in Linux With Timekpr-nExt

Open source software highlight of this week is Timekpr-nExt. It is a GUI application to limit the computer usage for certain accounts on a...

New Delhi, A new malware has infected roughly 13,500 Internet of Things (IoT) devices like Android TVs in 84 countries, chiefly in Asia, and that number continues to grow, US-based cyber security firm Barracuda Network said on Thursday.

Busy building a botnet for a big scale attack, a new variant of the InterPlanetary Storm malware is targeting IoT devices such as TVs that run on Android operating systems and Linux-based machines, such as routers with ill-configured SSH (secure shell) service.

“While the botnet that this malware is building does not have clear functionality yet, it gives the campaign operators a backdoor into the infected devices so they can later be used for cryptomining, DDoS, or other large-scale attacks,” warned Murali Urs, Country Manager-India, Barracuda Networks.

Although many cases of the new variant have been reported from Asian countries like China, Hong Kong, South Korea, and Taiwan, “Indian IoT devices haven’t been much in the radar of the cybercriminal organisations,” he added.

The malware has already been targeting Mac and Android devices in addition to Windows and Linux machines.

The first variant of Interplanetary Storm, which targeted Windows machines, was uncovered in May last year.

Its capability of attacking Linux machines was reported in June this year.

Barracuda researchers found several unique features designed by the cybercriminal organisation to help the malware persist and protect it once it has infected a machine.

It detects the computer security mechanism, honeypots, auto updates itself, tries to persist itself by installing a service using a “Go daemon” package and also kills other processes on the machine that pose a threat to the malware, such as debuggers and competing malware.

Such a rapidly evolving threat environment requires advanced inbound and outbound security techniques that go beyond the traditional gateway.

“To safeguard IoT devices against this malware variant, it will be necessary to properly configure SSH access on all devices. This means using keys instead of passwords, which will make access more secure,” the researchers noted.

When password login is enabled and the service itself is accessible, the malware can exploit the ill-configured attack surface.

“Since the issue is common with routers and IoT devices, they become easy targets for the InterPlanetary Storm malware”.

Meanwhile, to monitor SSH access control, a cloud security posture management tool must be used that will eliminate any configuration mistakes, which can be catastrophic, the researchers said.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Pop!_OS 20.04 Review: The Best Ubuntu-based Distro!

The Linux distro world is getting better each day, thanks to developers’ immense dedication. The OS sure has come a long way from people...

VOIP Service Provider Exposes 350M Customer Records

A database of over 350 million customer records exposed from unsecured Elasticsearch cluster belonging to voice over-internet-protocol company Broadvoice. The database was uncovered by security...

LG May Not Launch Snapdragon 875-Powered Phone in the First Half of 2021

LG is one of the OEMs that usually refreshes its flagship phones with the latest Qualcomm chips. While Qualcomm is all set to unveil...

Got Kids? Limit Computer Usage Per Account in Linux With Timekpr-nExt

Open source software highlight of this week is Timekpr-nExt. It is a GUI application to limit the computer usage for certain accounts on a...