Internet of Things (IoT) devices running on the open-source Linux OS are under attack from NyaDrop.
The attack loads malware on IoT devices lacking appropriate security after brute forcing default login credentials, according to a report by David Bisson for Graham Cluley Security News. The code achieves this by parsing its list of archived usernames and passwords. Once authenticated, NyaDrop is installed. The lightweight binary then loads other malware onto the infected device.
Most susceptible are DVRs, CCTV cameras and similar IoT devices whose MIPS systems use a 32-bit CPU architecture. Complicating matters for security professionals, NyaDrop deletes itself each time it logs into an MIPS system and then loads updates to evade detection. Bisson pointed out that anti-virus tools have been ineffective in stopping the malware.
Users of IoT devices should change their default login credentials and set up strong usernames and passwords to prevent this attack as well as expected future threats, Bisson advised.
Submitted by: Arnfried Walbrecht
Can you really call it “brute forcing” when they use default credentials? I suspect you don’t even need to “set up strong usernames and passwords to prevent this attack”, though you should to prevent future problems.
Comments are closed.