BRICKERBOT TAKES DOWN YOUR IOT gadgets permanently

There is a new class of virii in town, particularly targeting Web of things (IoT) devices. BrickerBot as well as its variations do precisely as their name says, turning your wise gadgets into bricks. somebody available has gotten exhausted of all the IoT safety and security defects as well as has undertaken extreme (and illegal) steps to repair the problem. Some of the early reports have are available in from a safety and security business called Radware, who isolated two variations of the virii in their honeypots.

In a nutshell, BrickerBot gains gain access to to insecure Linux-based systems by utilizing brute force. It tries to telnet in utilizing typical default root username/password pairs. when inside it utilizes shell commands (often offered by BusyBox) to compose random data to any type of mounted drives. It’s as simple as

dd if=/dev/urandom of=/dev/sda1
With the secondary storage wiped, the gadget is efficiently useless. There is already a name for this: a long-term Denial-of-Service (PDoS) attack.

Now any type of card bring Hackaday visitor will understand that a system taken down such as this can be recuperated by re-flashing with USB, JTAG, SD, other methods. However, we’re not BrickerBot’s meant audience. We’ve all altered our gadgets default passwords, right? RIGHT?

For much more IoT security, inspect out Elliot’s outstanding short article about botnets earlier this year, as well as its follow-up.