Your new post is loading...
Remaiten Linux Bot Targets Routers and Potentially Other Embedded (IoT) Devices
A new piece of malware is targeting embedded systems with the mission to compromise and make them part of a botnet, ESET security researchers have discovered.
Dubbed “Remaiten” (Linux/ Remaiten), the new threat combines the capabilities of previously spotted Tsunami (also known as Kaiten) and Gafgyt malware and also brings a series of improvements and new features. According to ESET, three versions of Remaiten have already emerged, while the malware authors call their creation “KTN-Remastered” or “KTN-RM.”
One of the capabilities that Remaiten borrows from Gafgyt is telnet scanning, though Remaiten enjoys a series of improvements, ESET’s Michal Malik explains in a blog post. Both, however, rely on improperly secured devices to successfully infect them.
Gafgyt attempts to connect to random routers via port 23, which it then issues a shell command to download bot executables for multiple architectures and tries to run them. Remaiten, on the other hand, carries downloaders for CPU architectures commonly used in embedded Linux devices, then tries to trigger the device’s platform to drop only the appropriate downloader.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
http://www.scoop.it/t/securite-pc-et-internet/?tag=Router
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux
http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
http://www.scoop.it/t/securite-pc-et-internet/?tag=Router