Home » News » Researchers discovered a Silex malware terrorist that destroys IoT devices

Researchers discovered a Silex malware terrorist that destroys IoT devices

A new malware that disables IoT devices appeared on the Internet.

According to the testimony of a ZDNet reporter, in an hour of observation, the malware, called Silex, increased the number of its victims from 350 to 2000, turning their devices into useless bricks.

Firstly new attack discovered by Akamai expert Larry Cashdollar, His analysis showed that Silex achieves its goal by performing a series of destructive actions: it fills the gadget’s memory with random data, deletes network settings and firewall rules, bans all connections (using the iptables utility), and then stops or reloads the infected device.

Larry Cashdollar
Larry Cashdollar

“It’s as destructive as it can get without actually frying the IoT device’s circuits. To recover, victims must manually reinstall the device’s firmware, a task too complicated for the majority of device owners”, — reported Larry Cashdollar.

In a comment for ZDNet, CashDollar clarified that new malware attacks Unix-like systems and hacks them using the default login and password for Telnet. In response to a question about the source of the current attacks, expert said that his trap fixed the IP address belonging to the Iranian VPS service provider. This IP has already been added to the URLhaus blacklist.

Ankit Abunhav
Ankit Abunhav
Another expert, Ankit Anubhav of NewSky Security, was able to identify the author of Silex. He was a 14-year-old teenager using the nickname Light Leafon; he is already known to NewSky as the creator of the HITO IoT botnet.

Regarding his new project, Light Leafon stated that, by causing a permanent denial of service on the attacked devices, he does not pursue selfish goals. On the creation of Silex his feat, apparently, an example of BrickerBot – IoT-malware, which in less than a year managed to disable several million devices. The author of BrickerBot wanted in such a barbaric way to draw everyone’s attention to the problem of protecting smart gadgets, army of which is growing rapidly.

“Light Leafon — one of the most prominent and talented IoT threat actors at the moment. It is impressive and at the same time sad that Light Leafon, being a minor, is utilizing his talent in an illegal way”, — Ankit Anubhav gave characteristic to the teenager.

In a conversation with Anubhav, Light Leafon also shared his future plans. Young hacker is going to extend functionality of Silex, adding the ability to connect to the attacked devices via SSH and equipping it with exploits that are used by modern IoT bots, the successors of Mirai and Qbot.

READ  Malware Echobot attacks IoT devices, Oracle applications, VMware and exploits old vulnerabilities

Source: https://www.zdnet.com

[Total: 0    Average: 0/5]

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

APT34 using LinkedIn for deliver a backdoor

Iranian hackers APT34 use LinkedIn to deliver a backdoor

The cybercrime group APT34, which is associated with the Iranian government, continues its espionage campaigns, …

Extenbro Trojan

Extenbro Trojan replaces DNS and blocks access to antivirus sites

Malwarebytes Labs specialists discovered Extenbro Trojan, which not only replaces DNS for displaying advertisements, but …

Leave a Reply