New Jersey
70°
light rain
humidity: 88%
wind: 10mph NE
H 70 • L 70
Weather from OpenWeatherMap

IoT Fuels Growth of Linux Malware

IoT Fuels Growth of Linux Malware

Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things.

That is one of the findings in a report
WatchGuard Technologies, a maker of network security appliances, released last week.

The report, which analyzes data gathered from more than 26,000 appliances worldwide, found three Linux malware programs in the top 10 for the first quarter of the year, compared with only one during the previous period.

“Linux attacks and malware are on the rise,” wrote WatchGuard CTO Corey Nachreiner and Security Threat Analyst Marc Laliberte, coauthors of the report. “We believe this is because systemic weaknesses in IoT devices, paired with their rapid growth, are steering botnet authors towards the Linux platform.”

However, “blocking inbound Telnet and SSH, along with using complex administrative passwords, can prevent the vast majority of potential attacks,” they suggested.

New Avenue for Hackers

Linux malware began growing at the end of last year with the Mirai botnet, observed Laliberte. Mirai made a splash in September when it was used to attack part of the Internet’s infrastructure and knock millions of users offline.

“Now, with IoT devices skyrocketing, a whole new avenue is opening up to attackers,” he told LinuxInsider. “It’s our belief that the rise we’re seeing in Linux malware is going hand in hand with that new target on the Internet.”

Makers of IoT devices haven’t been showing a great deal of concern about security, Laliberte continued. Their goals are to make their devices work, make them cheap, and make them quickly.

“They really don’t care about security during the development process,” he said.

Trivial Pursuits

Most IoT manufacturers use stripped down versions of Linux because the operating system requires minimal system resources to operate, said Paul Fletcher, cybersecurity evangelist at
Alert Logic.

“When you combine that with the large quantity of IoT devices being connected to the Internet, that equals a large volume of Linux systems online and available for attack,” he told LinuxInsider.

In their desire to make their devices easy to use, manufacturers use protocols that are also user-friendly for hackers.

“Attackers can gain access to these vulnerable interfaces, then upload and execute the malicious code of their choice,” Fletcher said.

Manufacturers frequently have poor default settings for their devices, he pointed out.

“Often, admin accounts have blank passwords or easy-to-guess default passwords, such as ‘password123,'” Fletcher said.

The security problems often are “nothing Linux-specific per se,” said Johannes B. Ullrich, chief research officer at the
SANS Institute.

“The manufacturer is careless on how they configured the device, so they make it trivial to exploit these devices,” he told LinuxInsider.

Malware in Top 10

These Linux malware programs cracked the top 10 in WatchGuard’s tally for the first quarter:

  • Linux/Exploit, which catches several malicious trojans used to scan systems for devices that can be enlisted into a botnet.
  • Linux/Downloader, which catches malevolent Linux shell scripts.
    Linux runs on many different architectures, such as ARM, MIPS and traditional x86 chipsets. An executable compiled for one architecture will not run on a device running a different one, the report explains. Thus, some Linux attacks exploit dropper shell scripts to download and install the proper malicious components for the architecture they are infecting.
  • Linux/Flooder, which catches Linux distributed-denial-of-service tools, such as Tsunami, used to perform DDoS amplification attacks, as well as DDoS tools used by Linux botnets like Mirai.”As the Mirai botnet showed us, Linux-based IoT devices are a prime target for botnet armies,” the report notes.

Web Server Battleground

A shift in how adversaries are attacking the Web has occurred, the WatchGuard report notes.

At the end of 2016, 73 percent of Web attacks targeted clients — browsers and supporting software, the company found. That radically changed during the first three months of this year, with 82 percent of Web attacks focused on Web servers or Web-based services.

“We don’t think drive-by download style attacks will go away, but it appears attackers have focused their efforts and tools on trying to exploit Web server attacks,” report coauthors Nachreiner and Laliberte wrote.

There’s been a decline in the effectiveness of antivirus software since the end of 2016, they also found.

“For the second quarter in a row, we have seen our legacy AV solution miss a lot of malware that our more advanced solution can catch. In fact, it has gone up from 30 percent to 38 percent,” Nachreiner and Laliberte reported.

“Nowadays, cyber criminals use many subtle tricks to repack their malware so that it evades signature-based detection,” they noted. “This is why so many networks that use basic AV become victims of threats like ransomware.”


John P. Mello Jr. has been an ECT News Network reporter
since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the
Boston Phoenix, Megapixel.Net and Government
Security News
. Email John.

22 comments on “IoT Fuels Growth of Linux Malware”

  1. http://tinyurl.com/y95zalgx

    My partner and I stumbled over here from a different website and thought I
    should check things out. I like what I see so now i’m following you.
    Look forward to looking over your web page again.

  2. http://tinyurl.com/y7rm5o6k

    What’s up to every one, the contents present at this website are genuinely remarkable for people knowledge, well, keep up the nice work fellows.

  3. instacart promo code august 2017

    I every time emailed this weblog post page to all my associates, for the reason that if like to read it next my links
    will too.

  4. instacart coupon august 2017

    What’s up to every body, it’s my first visit of this blog;
    this weblog includes remarkable and really good data for readers.

  5. tinyurl.com

    Way cool! Some very valid points! I appreciate you writing this write-up plus the rest of the site is very good.

  6. publix online ordering

    This post will assist the internet visitors for setting
    up new web site or even a weblog from start to end.

  7. publix instacart

    I think this is one of the most significant info for me.
    And i am glad reading your article. But want to remark on some general things, The web site style is perfect, the articles is really nice :
    D. Good job, cheers

  8. publix online ordering

    Hey! I understand this is sort of off-topic but I had to ask.
    Does managing a well-established blog like yours take a large amount of work?
    I am completely new to blogging however I do write
    in my diary everyday. I’d like to start a blog so I will be able
    to share my personal experience and thoughts online.
    Please let me know if you have any suggestions or tips for new aspiring bloggers.
    Thankyou!

  9. publix home delivery

    Hello to all, how is all, I think every one is getting more from this web page, and your views are nice in favor of new viewers.

  10. publix online

    Thanks for finally talking about >IoT Fuels Growth of Linux Malware – Online Magazines <Loved it!

  11. publix.com/delivery

    Iā€™m not that much of a online reader to be honest but your sites really nice, keep it up!

    I’ll go ahead and bookmark your site to come back in the future.

    Cheers

  12. publix home delivery

    I enjoy reading through a post that will make people think.
    Also, many thanks for allowing for me to comment!

  13. publix grocery delivery

    Great post. I was checking continuously this blog and I am impressed!
    Extremely useful info specifically the last part šŸ™‚ I care for such information much.
    I was seeking this particular information for a very long time.
    Thank you and best of luck.

  14. publix grocery delivery service

    Wow, amazing blog layout! How long have you been blogging for?
    you make blogging look easy. The overall look of your web site is fantastic,
    as well as the content!

  15. coupon code for instacart

    Quality content is the main to be a focus for the users to visit
    the site, that’s what this web page is providing.

  16. instacart promo code 2017

    I got this web site from my buddy who informed me on the
    topic of this web site and now this time I am visiting this web page and
    reading very informative content at this time.

  17. tender dating site

    Can you tell us more about this? I’d care to find out some additional information.

  18. tender dating site free

    You’re so cool! I do not believe I’ve read anything like that before.
    So good to find another person with unique thoughts on this subject.
    Really.. thank you for starting this up. This website
    is one thing that is required on the web, someone with a bit of originality!

  19. tinder dating site free

    I was recommended this website by my cousin. I am not sure whether this post
    is written by him as nobody else know such detailed about my trouble.
    You’re incredible! Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *

Online Magazines: Provide you with rich,popular beauty tips,gourmet recipes,travel tips,fitness programs,car news,beauty pictures,men pictures,technology news,lifestyle and online games.

Contact Us:

Email: contact@onlinemagaziness.com

Flickr

    Newsletter

    COPYRIGHT Ā© 2017 BY ONLINEMAGAZINESS.COM

    Privacy Policy

    DMCA