Information Systems Integration – Tony Messina

New variants of older malware are taking over your IoT devices

If you are technically inclined, or even just paying attention to the latest round of cybersecurity threats, then you have heard of BotNets. BotNets are normally made up of IoT devices like home routers and IP video cameras, and hackers normally sell the usage of a BotNet to other hackers looking to stay anonymous. Many of these consumer-grade devices use default passwords to help end users set them up without any problems. Hackers know that most people will never change the default admin password, so they write malware that scans the internet for such devices and turns them into a BotNet.

One such malware program is called Mirai. Mirai was responsible for taking down a large number of major websites in 2016. Most devices that were infected by Mirai remain infected to this day, but even the IoT devices that were patched are still susceptible to the new variants of Mirai. A variant is malware that uses a modified version of an older malware’s source code.

FortiGuard Labs has found one variant that may be worse than the original Mirai version. This new version, dubbed OMG because of the letters OMG found in the source code, now has the ability to turn the infected device into a proxy server. Proxy servers allow hackers to look like they are coming from a different location and IP address than they actually are. This anonymity comes at a price. Since hackers are willing to pay for the privilege of using a BotNet, the demand for new IoT victims increases, driving up the number of variants and the potential for another large-scale cyber attack.

What do you think can be done to improve the security of IoT devices?  Should the manufacturers be held responsible for BotNets?

 

https://www.fortinet.com/blog/threat-research/omg--mirai-based-bot-turns-iot-devices-into-proxy-servers.html

https://www.nextadvisor.com/blog/2017/12/15/how-to-tell-if-your-iot-devices-are-part-of-a-botnet/
