- Segstick: Build Your Own Self-Balancing Vehicle in Just 2 Days with ArduinoPosted 1 week ago
- ZSWatch: An Open-Source Smartwatch Project Based on the Zephyr Operating SystemPosted 4 weeks ago
- What is IoT and which devices to usePosted 1 month ago
- Maker Faire Rome Unveils Thrilling “Padel Smash Future” Pavilion for Sports EnthusiastsPosted 2 months ago
- Make your curtains smartPosted 2 months ago
- Configuring an ESP8266 for Battery PowerPosted 2 months ago
- Creating a Telegram Bot for ESP32Posted 2 months ago
- Mini Course on BlynkPosted 2 months ago
- Creating a Unique Electronic Musical Instrument: The Sound WallPosted 2 months ago
- Building a Laser MicroscopePosted 2 months ago
Raspberry Pi Malware Targets Unsecure Devices
A Linux malware, Linux.MulDrop.14, that infects Raspberry Pi devices has been detected. The malware was spotted around the mid of May 2017 with the aim of mining cryptocurrency on Raspberry Pi devices with Rasberry Pi 2 being the most vulnerable.
According to Dr. Web, the Russian antivirus maker, the malware comes in the form of a Bash script which contains a mining program that is compressed with gzip and is encrypted with base64. After it is launched, the script shuts down many processes and installs libraries such as Zmap and sshpass required for its operation.
The malware targets Raspberry Pi devices that are using default login and password with SSH ports open to external connections. It gains access to the device by using the default Raspberry Pi login “pi” and password “raspberry”.
The malware changes the user’s password and goes on installing the cryptocurrency mining programs. Afterward, it installs Zmap, the Internet-scanning tool, to scan the Internet for other vulnerable Raspberry Pi devices with open SSH port and default login credentials.
To protect your device from this malware, you have to:
- Update the operating system. By doing this, the SSH port id is disabled.
- Change the default password. The best way to stop the malware attack is by changing your default password and login since they infect by using the Raspberry Pi default user and password.