Researchers have developed a kind of "helpful" discovered malware that infects Internet routers and IoT devices, and then secure the devices and to remove any existing malware. The malware by security firm Symantec Wifatch called and last year was already discovered by another researcher, who gave the name ifwatch gave.
The malware spreads probably via Telnet and uses weak passwords. Once active, the routers and other devices part of a peer-to-peer network to exchange threat information. Furthermore Wifatch disable the Telnet daemon, so that other attackers can not gain access. The malware also leave a message for the owner behind to change the password, disable Telnet and update the firmware. Wifatch also has a module to remove malware infections on the unit.
Despite the actions that Symantec designates Wifatch executes the program so as malware, partly because it contains a number of general backdoors that the creator can access. The backdoors do require a digital signature, so others can not use.Symantec may be tens of thousands of devices with malware infected, most of them in China and Brazil. Owners of an infected router to remove Wifatch can easily do this by resetting the device.
No comments:
Post a Comment