Amnesia malware builds IoT/Linux botnet

The Amnesia malware uses a new technique to avoid detection. The security firm Palo Alto Networks regards it as the first Linux malware that can identify virtual machines and wipe them. This is meant to work against sandboxes that security researchers equip with analysis tools. The malware also deletes itself so that it leaves no further traces.


Such methods of evading virtual machines were already known from malicious software for Microsoft Windows and Google's Android. In a similar way, Amnesia tries to find out whether it is running in a virtual machine on VirtualBox, VMware or QEMU. If it determines that it is, it deletes all files in the file system of the virtualized Linux. This affects not only sandboxes used to analyze Linux malware: some QEMU-based Linux servers in VPS or public cloud environments are also threatened with a complete wipe.

According to Palo Alto, Amnesia is a variant of the Linux malware Tsunami, which can create IoT/Linux botnets of the same name. A hacker demonstrated this a year ago, when he built Tsunami into ISO files of Linux Mint and distributed them through the website of this Linux distribution.

Amnesia was discovered on digital video recorders with a vulnerability that became known a year ago but has apparently still not been fixed. According to the security researchers, roughly 227,000 devices have this vulnerability. They all come from a manufacturer named TVT Digital, but were sold worldwide under different brands by over 70 vendors.

The fact that the video recorders are vulnerable to attack is not the most interesting aspect. Rather, it is further evidence of the vulnerability of networked devices in the Internet of Things (IoT), which does not necessarily apply to conventional systems.

The new malware actively searches for vulnerable systems in order to take them over completely by remote. As with Tsunami, an emerging botnet can be used for denial-of-service attacks. Palo Alto considers similarly broad DDoS attacks possible, such as those carried out through Mirai botnets.
