Rabitə və İnformasiya Texnologiyaları Nazirliyinin elektron xəbər xidməti

Virus infecting Internet of Things discovered


The antivirus company Eset reported the detection of malicious programs targeting IoT devices. The malware is called Rakos. Rakos is looking for devices and servers with open SSH-port and weak passwords. Once infected, the equipment will be used for the further spread of the virus.

The attack begins with a brief list of IP-addresses, then the number of targets increases. On the infected device Rakos deploys a local HTTP server that allows new versions of the program to close processes and convert older versions of the URL-requests.

Also runs a Web server, "listening" for incoming connections on random TCP ports. The virus then sends a HTTP request that contains information about the infected device (including username and password) to the command malicious server.

The Eset noted that currently Rakos builds botnet from unprotected devices and is not used for malicious behavior, but in the future, experts admit carrying out DDoS-attacks and sending spam. It is possible that the program is the result of a failed experiment, reported dailycomm.ru.





18/01/17    Çap et