A new threat endangers the devices attributable to the Internet of Things: discovered by researcher Larry Cashdollar of Akamai, it takes the name of Silex and due to its way of acting it brings to mind the BrickerBot malware operating between April and December of 2017 The experts at work to monitor the situation speak of thousands of products already affected, with the propagation destined to continue in the coming days.
Silex, a malware for the Internet of Things
Silex eliminates everything contained in the device memory, deletes the firewall filters and removes the network configurations. Following the compromise, the only way to restore the correct functioning is the one that passes from a new manual installation of the firmware, operation for obvious reasons not within the reach of the less savvy. Some might think of a hardware problem and throw the device in the trash. Thus Cashdollar explains the operation of the malware .
Use known credentials for IoT devices, in order to authenticate and compromise the system. It does this by writing random data from / dev / random on each storage unit identified.
It's trashing the storage, dropping the iptables rules, removing the network configuration and then halting the device. pic.twitter.com/Ue661ku0fy
— Larry W. Cashdollar (@_larry0) June 25, 2019
The origin of Silex seems to have been identified on a server located in the territory of Iran . According to Ankit Anubhav of NewSky Security, who conducted a first survey in collaboration with the editorial staff of the ZDNet site, the person in charge is a 14-year-old known under the pseudonym Light Leafon, already author of the HITO botnet always addressed to the IoT field and recently the protagonist of the ‘ streaming interview below.
The creator of the malware does not hide and claims to have started the project almost as a joke, evolving it in collaboration with a colleague named Skiddy to become an initiative that now engages him full time, providing for the inclusion of additional features capable of to make it even more destructive. As long as someone does not put an end to his work.