A new malware known as Silex is bringing smart devices to their knees.
The Silex malware, according to ZDNet, ruins smart devices by gaining access to and destroying a device’s storage, eliminating its firewall and removing its network configuration. From here, the device stops working.
Silex was reportedly created by a 14-year-old hacker who goes by the pseudonym Light Leafon, according to ZDNet. The malware went unnoticed until it was spotted by Larry Cashdollar, a security exploit researcher, on Tuesday. “It’s using known default credentials for IoT devices to log in and kill the system,” Cashdollar told ZDNet, which reports that Silex first affected 350 devices and then quickly spread to over 1,500 more.
HOW THE SILEX MALWARE WORKS
According to Akamai researcher Larry Cashdollar, who first spotted the malware earlier today, Silex works by trashing an IoT device’s storage, dropping firewall rules, removing the network configuration, and then halting the device.
It’s as destructive as it can get without actually frying the IoT device’s circuits. To recover, victims must manually reinstall the device’s firmware, a task too complicated for the majority of device owners.
Some owners will most likely throw their devices away, assuming a hardware failure and never learning that they were hit by malware.
“It’s using known default credentials for IoT devices to log in and kill the system,” Cashdollar told ZDNet in an email today. “It’s doing this by writing random data from /dev/random to any mounted storage it finds.
“The binary it’s calling fdisk -l which will list all disk partitions,” Cashdollar added. “It then writes random data from /dev/random to any partitions it discovers.”
“It’s then deleting network configurations, […] also, it’s [running] rm -rf / which will delete anything it has missed.”
“It also flushes all iptables entries adding one that DROPS all connections. Then halting or rebooting the device,” the researcher said.
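The behaviour chain described above can be turned into a detection check. The following is an added example, not code from the article, ZDNet or Akamai: it scans shell-session logs (such as those from an IoT honeypot or a telnet audit log) and flags any session that shows several of the destructive stages Cashdollar lists. The log format, stage names, regexes and threshold are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Behaviours named in the article, expressed as patterns over logged shell
# commands. The exact regexes are assumptions made for this example.
STAGES = {
    "enumerate_partitions": re.compile(r"\bfdisk\s+-l\b"),
    "overwrite_storage": re.compile(
        r"/dev/u?random\b.*(?:>|of=)\s*/dev/(?!null\b)\w+"),
    "delete_root": re.compile(r"\brm\s+-(?:rf|fr)\s+/\*?(?=\s|;|$)"),
    "flush_firewall": re.compile(r"\biptables\s+(?:-F|--flush)\b"),
    "drop_all_rule": re.compile(r"\biptables\s+-[AI]\s+\w+\s+-j\s+DROP\b"),
    "halt_or_reboot": re.compile(r"(?:^|[;&|]\s*)(?:halt|reboot|poweroff)\b"),
}
LINE = re.compile(r"session=(\S+)\s+cmd=(.*)$")

# Constructed sample log (hypothetical format: time session=ID cmd=...).
SAMPLE_LOG = """\
00:00:01 session=s1 cmd=fdisk -l
00:00:02 session=s1 cmd=cat /dev/random > /dev/mtdblock0
00:00:03 session=s1 cmd=rm -rf /
00:00:04 session=s1 cmd=iptables -F
00:00:05 session=s1 cmd=iptables -A INPUT -j DROP
00:00:06 session=s1 cmd=halt
00:10:01 session=s2 cmd=fdisk -l
00:10:02 session=s2 cmd=iptables -A INPUT -s 192.0.2.7 -j DROP
00:10:03 session=s2 cmd=rm -rf /tmp/cache
00:10:04 session=s2 cmd=reboot
""".splitlines()

def classify(command):
    """Return the set of stage names whose pattern matches one command."""
    return {name for name, rx in STAGES.items() if rx.search(command)}

def flag_sessions(lines, threshold=3):
    """Map session ID -> sorted stages, for sessions with >= threshold stages."""
    seen = defaultdict(set)
    for line in lines:
        m = LINE.search(line)
        if m:
            seen[m.group(1)] |= classify(m.group(2).strip())
    return {sid: sorted(st) for sid, st in seen.items() if len(st) >= threshold}

if __name__ == "__main__":
    for sid, stages in flag_sessions(SAMPLE_LOG).items():
        print(f"ALERT session={sid} stages={', '.join(stages)}")
```

Requiring several distinct stages in one session keeps routine administration (the constructed session `s2`) from alerting, since listing partitions or rebooting is harmless on its own.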