Home → News → Kaiji Malware Targets IoT Devices Via SSH Brute-Force... → Full Text

Kaiji Malware Targets IoT Devices Via SSH Brute-Force Attacks

By ZDNet

May 19, 2020

[article image]

Researchers at Intezer Labs have discovered a new strain of malware that was specifically built to infect Linux-based servers and smart Internet of Things (IoT) devices.

The Kaiji malware is written in the Go programming language—rather than C or C++, the two languages in which most modern IoT malware is coded.

The botnet is currently incapable of using exploits to infect unpatched devices. Instead, Kaiji executes brute-force attacks against IoT devices and Linux servers that have left their SSH port exposed on the Internet.

After it gains access to a device's root account, Kaiji uses the device in three ways: for distributed denial of service (DDoS) attacks; to carry out more SSH brute-force attacks against other devices, and to steal any local SSH keys and spread to other devices the root account has managed in the past.

From ZDNet
View Full Article


Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


No entries found