Thursday, 8 October 2015

Makers Benign Router-Malware Publish Source Code

The creators of the benign malware routers, IP cameras and other Internet devices infects, and then secures the source code of their creation have been released and explained their motives. The malware came last week in the news and was released by security company Symantec Wifatch mentioned.

Last year, another researcher had already discovered the malware, which gave it the name ifwatch. The malware spreads via Telnet and uses weak passwords. Once active Wifatch disable the Telnet daemon, so that other attackers can not access anymore. The malware also leave a message for the owner behind to change the password, disable Telnet and update the firmware. Wifatch also has a module to remove other malware on the device.

After Symantec made ​​a blog posting on the malware creators published on Gitlab the source code, including their motivation. They also decided to Symantec approach. She says she developed the malware to learn from it and the project has no malicious intent. The authors regret that she unsolicited infect the machines of others, but argue that the benefits outweigh the disadvantages.

This relates to the amount saved bandwidth for other malware, the routers can use to scan ports or devices, power conservation because malware installed bitcoin miners are removed, any failures and reboots that are prevented by the routers and devices do not overheat and all passwords and money that criminals do not have to steal.

With regard to the source code is now published which partially complete. The part that creates is in fact removed before the infection, as well as the code for creating the malware. This should prevent others can use it, even though the makers warn that sensitive devices can be accessed via Telnet with a default password can be acquired by anyone. Even if they do not have the Wifatch malware.

No comments:

Post a Comment