A US-based cybersecurity firm Barracuda Network, on Thursday, said a new type of Malware has infected about 13,500 IoT devices including Android TVs in about 84 countries. Most of the devices that have been infected are based in Asia. The cybersecurity firm also added that the numbers might increase significantly.
This new variant of InterPlanetary malware has infected and is targeting devices that are mainly based on Linux and run the Android Operating System. Devices like routers have also been affected and the main cause of this is predicted to be an ill-configured SSH service. In addition to that, the malware is also targeting Android mobile devices, mac, and Windows. The first variant of this malware targeted Windows machines back in May.
The company also reported that, although many cases have been reported in Asia, the attack on IoT devices of India is comparatively less than other countries like China, South Korea, Hong Kong, and Taiwan.
Speaking on this issue, Murali URS, Country Manager – India, said, “While the botnet that this malware is building does not have clear functionality yet, it gives the campaign operators a backdoor into the infected devices so they can later be used for crypto mining, DDoS, or other large-scale attacks.”
Not only that, but researchers at Barracuda have also found that this malware was developed with the ability to protect itself after it infects a machine. It detects a machine’s security mechanism, updates itself automatically, and tries to stay by installing a service called “Go daemon,” killing any other software that might try to kill this malware.
Researchers also added, “To safeguard IoT devices against this malware, configuring SSH properly is necessary. Using SHA256 keys instead of passwords would be a great step to prevent the infection as the malware can exploit ill-configured attack surfaces, i.e when password login is enabled and the service is accessible.
Currently, Barracuda claims that routers and IoT devices are easy targets for malware.