Fi8sVrs

Linux malware enslaves Raspberry Pi to mine cryptocurrency


It's time to update your Raspberry Pi devices or risk them being infected with cryptocurrency mining malware.

 


Older Raspberry Pi devices, such as this Raspberry Pi 2, may be more vulnerable to the malware if they haven't been updated in a while.

Image: Raspberry Pi Foundation

 

Someone has developed a simple Linux trojan designed to harness the meager power of Raspberry Pi devices to mine cryptocurrency.

 

Raspberry Pi users may need to consider applying a recent Raspbian OS update to their devices, particularly if they are currently configured to allow external SSH connections.

 

According to Russian security firm Dr Web, the malware Linux.MulDrop.14 exclusively targets Raspberry Pi devices to use their processing power to mine a cryptocurrency.

 

Dr Web discovered the Raspberry Pi mining malware after its Linux honeypot machine became infected with it. The malware uses a simple Bash script to attempt to connect to Raspberry Pi devices configured to accept external SSH connections. It targets Raspberry Pi boards with the default login and password, which are 'pi' and 'raspberry', respectively.

 

It then changes the password of the 'pi' user to the hash '\$6\$U1Nu9qCp\$FhPuo8s5PsQlH6lwUdTwFcAUPNzmr0pWCdNJj.p6l4Mzi8S867YLmc7BspmEH95POvxPQ3PzP029yT1L3yi6K1'.

From there it installs the internet-scanning tool ZMap and the sshpass utility, and searches the network for other devices with an open port 22 to infect them.

 

Older Raspberry Pi devices may be more vulnerable to this malware if they haven't been updated in a while. The Raspberry Pi Foundation told ZDNet sister site TechRepublic that a Raspbian OS update released late last year turned off SSH by default and forced users to change the default password.

 

However, it warned that there could still be millions of Raspberry Pi boards that haven't been updated. Some 12.5 million of the single-board computers have been sold over the past five years, according to the official Raspberry Pi Magazine.

 

The malware doesn't try to mine for Bitcoin, whose 'difficulty level' is too high to mine cost-effectively, even for a massive network of PCs let alone Raspberry Pi devices.

 

However, there are numerous other cryptocurrencies that can be mined with less computational power. In 2014, malware writers experimented with Android malware to mine Dogecoins and Litecoins. Dr Web's virus analysts said the Raspberry Pi malware mines Monero, a lesser-known, but increasingly popular cryptocurrency for dark-web drug markets.

 

Researchers in May discovered that a network of several hundred thousand PCs infected with the Adylkuzz mining malware, which used the same Windows exploit behind the WannaCry ransomware epidemic, had been toiling away on Monero blocks. At the time, Adylkuzz had generated about $43,000 over several months of mining activity.

 

 

Via: zdnet.com

Edited by Fi8sVrs
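
A host-side check for the indicators the article names (the replaced 'pi' password hash, SSH password logins, and the ZMap and sshpass tools), added here as an example; it is not code from the post, Dr Web or ZDNet. The function names and the sample files are hypothetical, and it assumes the backslashes printed in the article's hash are shell escapes that do not appear in /etc/shadow.

```shell
#!/bin/sh
# Added example: checks a Raspbian host (or copies of its files) for the
# indicators the article describes. Not code from Dr Web or ZDNet.

# Hash the article says the trojan sets for 'pi'. Assumption: the backslashes
# printed in the article are shell escapes and are absent from /etc/shadow.
IOC_HASH='$6$U1Nu9qCp$FhPuo8s5PsQlH6lwUdTwFcAUPNzmr0pWCdNJj.p6l4Mzi8S867YLmc7BspmEH95POvxPQ3PzP029yT1L3yi6K1'

# Print the password field of user 'pi' from a shadow-format file ($1).
pi_shadow_field() {
    awk -F: '$1 == "pi" { print $2; exit }' "$1"
}

# Succeed if the 'pi' hash in shadow file $1 equals the article's value.
pi_hash_is_ioc() {
    [ "$(pi_shadow_field "$1")" = "$IOC_HASH" ]
}

# Succeed if sshd_config $1 permits password logins. sshd uses the first
# occurrence of a keyword and defaults to "yes"; Match/Include are ignored here.
ssh_password_auth_enabled() {
    pa=$(awk 'tolower($1) == "passwordauthentication" { print tolower($2); exit }' "$1")
    [ "${pa:-yes}" = "yes" ]
}

# Print one line per finding for shadow file $1 and sshd_config $2.
audit_pi() {
    if pi_hash_is_ioc "$1"; then
        echo "ALERT: pi password hash matches Linux.MulDrop.14"
    fi
    if [ -n "$(pi_shadow_field "$1")" ] && ssh_password_auth_enabled "$2"; then
        echo "WARN: pi account present and SSH password logins enabled"
    fi
    for tool in zmap sshpass; do
        if command -v "$tool" >/dev/null 2>&1; then
            echo "WARN: $tool is installed"
        fi
    done
    return 0
}

# Write constructed sample files into directory $1 for a dry run.
make_samples() {
    printf 'root:*:17300:0:99999:7:::\npi:%s:17300:0:99999:7:::\n' "$IOC_HASH" > "$1/shadow.infected"
    printf 'pi:$6$constructed$notARealHash:17300:0:99999:7:::\n' > "$1/shadow.clean"
    printf '#PasswordAuthentication yes\nPasswordAuthentication no\n' > "$1/sshd.hardened"
    printf 'Port 22\nPermitRootLogin no\n' > "$1/sshd.default"
}
```

On a live device, run `audit_pi /etc/shadow /etc/ssh/sshd_config` as root; an ALERT line means the 'pi' password was replaced with the value quoted in the article.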