#1
Linux Hacked Again. "Hide and Seek" Becomes First IoT Botnet Capable of Surviving Device Reboots
Nomen Nescio wrote:
Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise. This is a major game-changing moment in the realm of IoT and router malware. Until today, equipment owners could always remove IoT malware from their smart devices, modems, and routers by resetting the device. The reset operation flushed the device's flash memory, where the device would keep all its working data, including IoT malware strains.

"Hide and Seek" malware copies itself to /etc/init.d/

Too bad that this directory contains no daemons anymore with systemd Linux versions. So this would raise alarms at once.
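A check for the persistence location named in the post above, given here as an added example that is not part of any post in the thread. It assumes that legitimate SysV init entries are text scripts starting with `#!`, so a binary that copied itself into the directory stands out by its ELF magic bytes; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag entries in an init directory that are not plain scripts.
# Assumption: legitimate init.d entries begin with a "#!" interpreter line.

# classify FILE -> prints "elf", "script" or "other" from the first four bytes
classify() {
    magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        7f454c46) echo elf ;;      # 0x7f 'E' 'L' 'F': a compiled binary
        2321*)    echo script ;;   # "#!": an interpreter line
        *)        echo other ;;    # empty file, data, or text without "#!"
    esac
}

# audit_initd [DIR] -> one line per non-script regular file: "<kind> <path>"
audit_initd() {
    dir=${1:-/etc/init.d}
    # Include dot-files, which a plain "*" glob would skip.
    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -f "$f" ] || continue
        kind=$(classify "$f")
        [ "$kind" = script ] || echo "$kind $f"
    done
}

# Run against a directory only when one is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_initd "$1"
fi
```

On a systemd distribution that still ships a few compatibility scripts in /etc/init.d, any `elf` line is worth a closer look; `other` lines usually turn out to be README files or empty placeholders.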
#2
Peter Köhlmann wrote:
Nomen Nescio wrote:

Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise. This is a major game-changing moment in the realm of IoT and router malware. Until today, equipment owners could always remove IoT malware from their smart devices, modems, and routers by resetting the device. The reset operation flushed the device's flash memory, where the device would keep all its working data, including IoT malware strains.

"Hide and Seek" malware copies itself to /etc/init.d/

Too bad that this directory contains no daemons anymore with systemd linux versions. So this would raise alarms at once

Is Android using systemd?

--
'Merging? There goes choice! Right? I mean choice is good... why merge projects? I am mocking the "choice" mantra of the herd. But before there were two choices - now there is one.' - some thing, putting its ignorance on display
#3
On 2018-08-02, chrisv wrote:
Peter Köhlmann wrote:

Nomen Nescio wrote:

Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise. This is a major game-changing moment in the realm of IoT and router malware. Until today, equipment owners could always remove IoT malware from their smart devices, modems, and routers by resetting the device. The reset operation flushed the device's flash memory, where the device would keep all its working data, including IoT malware strains.

"Hide and Seek" malware copies itself to /etc/init.d/

Too bad that this directory contains no daemons anymore with systemd linux versions. So this would raise alarms at once

Is Android using systemd?

No. It has its own init system.

--
press any key to continue or any other to quit...
#4
Andreas Kohlbach presented the following explanation :
On Thu, 02 Aug 2018 13:17:30 -0500, chrisv wrote:

Peter Köhlmann wrote:

Nomen Nescio wrote:

The reset operation flushed the device's flash memory, where the device would keep all its working data, including IoT malware strains.

"Hide and Seek" malware copies itself to /etc/init.d/

Too bad that this directory contains no daemons anymore with systemd linux versions. So this would raise alarms at once

Is Android using systemd?

Not yet. ;-)

We are the systemd, you will be assimilated. Resistance is futile. [TM]

Escape route: Devuan, Slackware, +
#5
On Thu, 02 Aug 2018 16:48:56 -0500, Anonymous wrote:

Andreas Kohlbach presented the following explanation :

On Thu, 02 Aug 2018 13:17:30 -0500, chrisv wrote:

Peter Köhlmann wrote:

Nomen Nescio wrote:

The reset operation flushed the device's flash memory, where the device would keep all its working data, including IoT malware strains.

"Hide and Seek" malware copies itself to /etc/init.d/

Too bad that this directory contains no daemons anymore with systemd linux versions. So this would raise alarms at once

Is Android using systemd?

Not yet. ;-)

Doesn't need it. It was born with a TLA's eyes and ears.

We are the systemd, you will be assimilated. Resistance is futile. [TM]

Escape route: Devuan, Slackware, +

I went Devuan. Though I had some bad crashes last week when it updated a keyring program that now has systemd as a dependency .... I can't reboot with the pretty little red icon anymore. Need to log in as root and type "reboot".

Still resisting.

[]'s

--
Don't be evil - Google 2004
We have a new policy - Google 2012