Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Destructive Malware Intentionally Bricks IoT Devices (bleepingcomputer.com)

Posted by BeauHD on from the vigilante-justice dept.

An anonymous reader writes: "A new malware strain called BrickerBot is intentionally bricking Internet of Things (IoT) devices around the world by corrupting their flash storage capability and reconfiguring kernel parameters. The malware spreads by launching brute-force attacks on IoT (BusyBox-based) devices with open Telnet ports. After BrickerBot attacks, device owners often have to reinstall the device's firmware, or in some cases, replace the device entirely. Attacks started on March 20, and two versions have been seen. One malware strain launches attacks from hijacked Ubiquiti devices, while the second, more advanced, is hidden behind Tor exit nodes. Several security researchers believe this is the work of an internet vigilante fed up with the amount of insecure IoT devices connected to the internet and used for DDoS attacks. "Wow. That's pretty nasty," said Cybereason security researcher Amit Serper after Bleeping Computer showed him Radware's security alert. "They're just bricking it for the sake of bricking it. [They're] deliberately destroying the device."

12 of 163 comments (clear)

  1. I commend the effort... by Anonymous Coward · · Score: 5, Insightful

    carry on.

    1. Re:I commend the effort... by Zocalo · · Score: 3, Insightful

      Ordinarily, I'd condemn this kind of vigilante action, but in this instance I'm hardly struggling with it at all. Mirai kicked off in early September 2016. It's now April 2017. That's six full months, almost to the day, that device owners, ISPs, and vendors have had to secure their devices, filter inbound scanning/outbound end-user traffic, and produce update firmware, yet there's very little evidence any of that is happening at scale (shocking, I know), so it's clearly not going to. The rest of us, meanwhile, have been subjected to continual port scanning and DDoS attacks. Taking vulnerable devices out of commission, placing the cost of that on owners and vendors, plus pressure from both on ISPs to start to filter the malicious traffic, is clearly the only approach that is going to work at this point, and might even encourage vendors to put a little more thought into security in future.

      Carry on indeed. Hell, post the code like the original Mirai author did - we might as well wrap this up as fast as Mirai and its clones were able ramped up. Open Source, ftw!

      --
      UNIX? They're not even circumcised! Savages!
  2. If pwnable easily it must die - network darwinism by Anonymous Coward · · Score: 3, Insightful

    If it's secured, then it belongs on the network. If it's not secured, this is the best possible outcome, non-function and removal.

    Good job.

  3. Re:Sledgehammer approach. by Snotnose · · Score: 2, Insightful

    Yeah, came here to say this. Surprised I'm in the majority on this.

    If you can't figure out how to secure your device, or you are unable to do so, then so sad too bad. Hope a bunch of IoT vendors go tits up.

  4. Was already broken by bhetrick · · Score: 5, Insightful

    These devices were already broken. Now they are non-functional as well.

  5. Re:Sledgehammer approach. by networkBoy · · Score: 3, Insightful

    I'm not.
    I think most here on /. are of this general opinion. It's machiavellian for sure, but really does have the whole "Ends justify the means" feel to it.

    Hopefully (though doubtfully) the OEMs will be eating a lot of warranty returns. It is only if this costs the OEMs money that the problems will be fixed. If it only costs the end users money then not a ton will really happen.

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  6. Re:We knew it was coming... by Zaelath · · Score: 5, Insightful

    Better than the two women that got killed because their insecure garage door opener let the maniac in.

  7. Re:Sledgehammer approach. by rgmoore · · Score: 5, Insightful

    I can break into your house because it's not secure enough. Is that OK too?

    If the house has already been taken over by a criminal gang, it's a different matter. That's a better analogy with a lot of these insecure IoT devices. They aren't just sitting there innocently; if they're vulnerable to being shut down by this malware, they're also vulnerable to being taken over by botnets. This is not just a theoretical worry; some of the big recent DDOS attacks have been by IoT device botnets.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  8. And so.. by ACE209 · · Score: 5, Insightful

    ..the Internet developed antibodies.

    --
    "we are all atheists about most of the gods that societies have ever believed in. Some of us just go one god further."
  9. Nasty?! Isn't this better for everyone? by monkeyzoo · · Score: 4, Insightful

    The security researcher calls this nasty?! It's genius!

    It's certainly vigilante. But given the societal harm being caused by shoddy IOT devices, bricking them is quite arguably noble. Also, this could be good for the affected users too. Would you rather have your cheap IOT device fail and realize something is wrong with it or have it become an entry point for stealing critical data from your network or infecting your important devices with ransomware?

    At least if your device breaks, you realize something is wrong with it and can complain to the manufacturer for a refund instead of it spying on you and/or serving as a node in a criminal's botnet.

    Not to mention that in the long run, the impact of this would likley be that companies face immediate PR blowback that kills sales when they release shoddy devices. They will quickly learn that to make any money they need to pay attention to implementing reasonable security precautions.

    Carry on soldier!

  10. Re:Sledgehammer approach. by Anonymous Coward · · Score: 0, Insightful

    as opposed to the morality of the fucktard that put a device on the internet to be used as an attack platform against you? idiot. and your analogy is wrong. fucking idiot. dont breed. stay off the internet, leave it to the adults.

  11. Re:Sledgehammer approach. by freeze128 · · Score: 3, Insightful

    I don't like your analogy because peoples houses aren't ALWAYS targeted by criminals. How about we replace "your house" with "your local bank".

    Suppose your local bank just left money lying around on the floor of the lobby. If anyone takes that money, they are stealing. Is that OK? Of course not, but it's really risky and stupid to keep it there in the first place. Also, in order to be FDIC insured, the bank needs to take at least some minimal precautions, like storing the money in a vault, and maybe having an armed guard. If the bank doesn't do this, they would probably be robbed the most, and the FDIC would not insure them. Result - The bank would quickly go out of business and close.

    The malware is breaking the law by bricking the device, but in this scenario, I'm the fucking FDIC, bitch! I demand better security on your IOT device, or you must shut it down.