Internet of Things malware has suddenly become a top priority for manufacturers around the world. The recent Mirai botnet attack, which knocked many popular internet services offline for the bigger part of a day, is not the only threat in existence. Security researchers uncovered a new form of malicious code that borrows certain aspects from Mirai.
The Logical Evolution of IoT Malware Has Begun
When the Mirai creators made their source code publicly available on the internet, it was only a matter of time until new variants would show up. One of those new strains of malware has security researchers concerned right now. Not only does it show signs of Mirai, but also other botnets that have been used to execute DDoS attacks in recent months.
Going by the unusual name of Linux/IRCTelnet, the new malware can flood both UDP and TCP connections. However, where other variants would only attack the IPv4 infrastructure, this new threat also targets IPv6 connectivity. All communication is conducted through the IRC network, rather than traditional command-and-control servers.
As one would come to expect from such malware threats, Internet of Things devices with standard login credentials remain vulnerable. Botnets will try to sniff out these devices and log in through the credentials to gain elevated privileges. Once successfully achieved, the hackers can then take full control of these devices for all kinds of nefarious purposes.
Perhaps the most worrisome aspect of this malware is how some of its code base dates back to malicious code discovered back in 2013. For some unknown reason, hundreds of thousands of IoT devices targeted during these attacks are still vulnerable to similar exploits today. Manufacturers need to step up their security game sooner rather than later, that much is certain.
Although this new malware has only been discovered a few days ago, several thousands of devices have been infected already. Granted, the numbers are a lot lower compared to what Mirai achieved over time, but the rate of over 700 devices per day is troublesome. This new development, which builds further on proven successful malware, is not a positive development by any means.
For now, the race is on between internet criminals and security experts all over the world. Publicly releasing the source code of this botnet malware serves two purposes, as it also gives researchers ample time to figure out its inner workings. New variants based on this source code will show up over time, but it remains to be seen how powerful they can be in the long run.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.
