Worm targets Linux PCs and embedded devices2013-11-29 09:51 by DanielaTags: Linux, Linux.Darlloz
A Symantec researcher has discovered a worm that runs on embedded Linux systems, like those found in set-top boxes and routers. The worm, called Linux.Darlloz, attacks out-of-date Linux installations running on Intel hardware (a small minority in the embedded systems world), but it would not be hard to modify it to attack embedded linuces on other chips. "Upon execution, the worm generates IP [Internet Protocol] addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability," the Symantec researchers explained. "If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target." While not posing much of a real-world threat now, Darlloz demonstrates a major shortcoming with most Internet-of-things devices available today-they typically run Linux or other types of open source code that are woefully out of date. Making matters worse, many Internet-connected consumer devices can't be updated because their lightweight hardware can't handle the requirements of newer code versions. Hijacking one of these devices thus becomes much easier than exploiting, say, an up-to-date version of Windows, OS X, or Linux. Read more -here-
Post your review/comments
rate:
avg:
|