Linux Worm Attacks ‘Things’

Very useful information for securing devices you may have in your home and connected to the internet.


Linux.Darlloz , in addition to being able to attack Linux computers, has the abilityto target small devices attached to the internet. Vulnerabilities in chips used in home routers, security cameras, set-top boxes like Apple TV, Roku, cable boxes and etc. and even industrial controllers are susceptible to this worm.

The devices above utilize Linux services to provide users interfaces. The interfaces use Apache Web servers and PHP servers.The malware uses an old PHP vulnerability,Information Disclosure Vulnerability (CVE-2012-1823), that was patched in May of 2012. Since the malware is designed to attack the Elf binary so far Linux.Darlloz only infects Intel x86 systems. However, the servers used to host the worm have versions forARM, PPC, MIPS and MIPSEL

Behavior exhibited byLinux.Darlloz includes randomly generated IP addresses, access to the path where IDs and passwords are kept and sends HTTP POST requests. Once the victim is infected it starts searching…

View original post 57 more words

Tagged with: , , , , , , ,
Posted in Cybersecurity

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: