BrickerBot, a new variant of malware discovered in the wild that targets insecure IoT devices to effectively ‘brick’ or kill them, has claimed as many as two million devices, according to the malware’s alleged author.
BrickerBot shares similar characteristics with Mirai, the infamous malware program that targets and ultimately groups scores of IoT devices into botnets for large DDoS attacks. The malware first shot to prominence after an alert notice by the Department of Homeland Security’s ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) earlier this month.
The response team added it is “working to identify vendors of affected IoT devices in order to collect product-specific mitigations and compensating controls.”
IT website BleepingComputer claims to have communicated with BrickerBot’s creator. As it so happens, the author behind the malware is a ‘grey hat’ hacker, one who is frustrated by the state of security in IoT devices.
With the PDoS (permanent denial of service) malware, the author, who goes by the moniker ‘Janitor’, contends that he or she is taking out vulnerable devices permanently. The justification is that these permanently bricked devices will no longer be vulnerable to compromises that could ultimately lead to sweeping botnet-led DDoS attacks.
“Like so many others I was dismayed by the indiscriminate DDoS attacks by IoT botnets in 2016. I thought for sure that the large attacks would force the industry to finally get its act together, but after a few months of record-breaking attacks it became obvious that in spite of all the sincere efforts the problem couldn’t be solved quickly enough by conventional means,” the malware author wrote in an email to BleepingComputer.
Janitor adds that a majority of the consumer-based IoT devices found on the net have been deployed “almost exactly” as they were when they left the manufacturer’s premises.
“I hope that regulatory bodies will do more to penalize careless manufacturers since market forces can’t fix this problem,” the author added.
[W]hen the count is over 2 million [IoT devices], it’s clear that I had no idea (and still have no idea) how deep the rabbit hole of IoT security is. I’m certain the worst is still ahead of us.
Janitor adds that BrickerBot’s actions are ‘unconventional’ but hopes that vendors, industry and the government will collectively work to “get the current IoT security nightmare under control.”
A detailed and updated notice of the CERT alert can be found here.