Kaiji, a new strain of malware written from scratch in the Golang programming language, has been infecting Linux-based servers and Internet of Things (IoT) devices to launch distributed denial-of-service (DDoS) attacks.
IoT devices targeted by malware attacks
IoT devices have been a regular target of several malware operators.
- In May 2020, the Kaiji botnet was found using infected IoT devices to launch DDoS attacks and carry out more SSH brute-force attacks against other devices.
- In April 2020, the Mozi malware was observed. It was developed by combining code from the Gafgyt, Mirai, and IoT Reaper malware, and it could target unpatched IoT devices, including home routers and DVRs, to form a peer-to-peer (P2P) botnet.
- In February 2020, a self-spreading variant of the Lemon Duck malware targeted IoT devices embedded with Windows 7, roughly 200 million devices worldwide.
The ever-growing count of IoT devices is expected to reach 5.8 billion by the end of 2020. Several recent research reports outline some common threats related to IoT devices.
- According to the 2020 Unit 42 IoT Threat Report, a full 98 percent of all IoT device traffic is still unencrypted, exposing personal and confidential data on the network.
- In October 2019, research by Northeastern University and Imperial College London indicated that 56% of US IoT devices and 83.8% of UK devices have been exposing information to third parties.
Other threats to IoT devices
There are several additional threats that may lead to a compromise of IoT devices.
- Attackers may leverage common vulnerabilities affecting many IoT devices, like the SweynTooth vulnerability found in certain medical devices using Bluetooth Low Energy, or the Telnet backdoor vulnerabilities present in millions of IoT radio devices.
- In August 2019, the Russia-based cyber-espionage group Fancy Bear compromised IoT devices to infiltrate corporate networks. This was done using the manufacturer's default passwords for some devices, while other devices were compromised by exploiting unpatched vulnerabilities.
- Besides these, intruders have been observed attempting a wide range of attack vectors, such as brute-force attacks and eavesdropping, to target IoT devices.
How to stay safe
Users should always use secure wireless networks, install security software from trusted sites, and use strong and unique passwords for device accounts, Wi-Fi networks, and connected devices. It is also important to regularly check for firmware updates and security patches from IoT vendors.