Author Topic: Mirai worm  (Read 1020 times)

Offline cavy

  • Trusted User
  • Member
  • *****
  • Posts: 477
  • Karma: 97
  • Caveman
    • View Profile
  • Peppermint version(s): Peppermint Ten
Mirai worm
« on: December 02, 2016, 04:20:52 am »
Hi all, read this article today: http://www.bbc.co.uk/news/technology-38167453   :o

Quote
It involves the use of a modified form of the Mirai worm - a type of malware that is spread via hijacked computers, which causes damage to equipment powered by Linux-based operating systems

If true that puts a spanner in the works and the belief there are no viruses in the wild that affect Linux?   :-\
“We know what we are, but not what we may be.”

Various machines to sample the delights of Linux

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26452
  • Karma: 65531
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Mirai worm
« Reply #1 on: December 02, 2016, 04:41:06 am »
a) it's not so much a "Linux" security issue as an issue around the lax security implemented by some device (router/webcam/etc) manufacturers in their embedded Linux firmware.
(Linux security is just fine .. the device firmware implementation is to blame)

b) it's not a "virus" .. more malware that takes advantage of that lax security.
« Last Edit: December 03, 2016, 11:15:57 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline GNULINUX

  • Member
  • ***
  • Posts: 986
  • Karma: 311
    • View Profile
  • Peppermint version(s): Peppermint Six (x64)
Re: Mirai worm
« Reply #2 on: December 02, 2016, 09:08:33 am »
In addition to PCNetSpec:

The infected "machines" are not desktop computers or servers but "IoT". The software on these "things" is mostly based on "Linux/Unix" (because it's free in both meanings). A perfect example is an Android powered "smart"phone, but as we all know an Android infection can do little (as in nothing) on a Linux desktop/server! They both have a Linux (based) kernel but that's probably the only thing they have in common.

To be honest, the article is totally biased...
The real problem with the routers mentioned in the article is that they have an "unprotected" open port for (remote) firmware updates! So it's just bad configuration and lack of security by Germany's Deutsche Telekom.
The real joke is that their previous model router is not vulnerable because there the port is properly better secured, they call it progress!  ::)

Greets!
Peppermint 6  (x64)   -   Windows 7 Ultimate SP1  (x64)
Running different OS flavors in VirtualBox, just for fun!

Offline cavy

  • Trusted User
  • Member
  • *****
  • Posts: 477
  • Karma: 97
  • Caveman
    • View Profile
  • Peppermint version(s): Peppermint Ten
Re: Mirai worm
« Reply #3 on: December 03, 2016, 08:58:49 am »
Cheers guys  8)

“We know what we are, but not what we may be.”

Various machines to sample the delights of Linux