Is your
Android TV breaking down?
A new
malware has infected roughly 13,500 Internet of Things (IoT) devices like
Android TVs in 84 countries, primarily in the Asia-Pacific nations.
The new variant of the InterPlanetary Storm malware is
targeting IoT devices such as TVs that run on Android operating systems and
Linux-based machines, such as routers with ill-configured SSH (secure shell)
service.
Researchers note that the malware is building a botnet, currently infecting 13,500 machines and this number is expected to grow.
Half of the infected machines are in Hong Kong, South
Korea and Taiwan.
US-based cybersecurity firm Barracuda Networks found several
unique features designed by the cybercriminal organisation to help the malware
persist and protect itself once it has infected a machine.
It detects the computer security mechanism,
honeypots, auto updates itself, tries to persist itself by installing a service
using a "Go daemon" package and also kills other processes on the
machine that pose a threat to the malware, such as debuggers and competing
malware.
Such a rapidly evolving threat environment
requires advanced inbound and outbound security techniques that go beyond the
traditional gateway.
"To safeguard IoT devices against this
malware variant, it will be necessary to properly configure SSH access on all
devices. This means using keys instead of passwords, which will make access
more secure," the researchers noted.
When password login is enabled and the service
itself is accessible, the malware can exploit any ill-configured attack
surface.
Beware!