|Posted on May 30, 2017 at 1:40 PM|
Dr. Web, a cyber firm, has found a Windows trojan that helps spread the infamous
Mirai botnet across LoT (Internet of Things) devises. The newly found trojan targets
Windows systems, and once installed, the trojan scans the network for connected LoT
devises. If it finds a vulnerable devise, it compromises the devise and uses it in later
attacks. Last year in October, Mirai brought down a huge chunk of the Internet by
launching a DDoS (Distributed Denial of Service attack on the DYN managed DNS
The Windows trojan doesn’t stop at compromising the LoT devises; it continues to
spread itself to other Windows devises to further find and exploit more LoT devises.
Researchers noted that the malware could also identify and compromise database
services running on various ports, including MySQL and Microsoft SQL, to create
a new admin phpminds with the password phpgodwith, allowing attackers to steal
At this time, it is not known who created the trojan, but the attack design demonstrates
that LoT devises that are not directly accessible from the Internet can also get hacked
to join the Mirai botnet army.
LoT devises are already vulnerable to infection, so why are malware writers targeting
Windows? Primarily because Windows still dominate the market and it gives the
malware writer’s another platform to spread the botnet.
This is not the only security hole plaguing Microsoft’s products. Earlier, Google disclosed
flaws in Microsoft’s GDI library that affects every Window version all the way back to
Windows Vista. Another unpatched flaw that effects the SMB protocol, allowing attackers
to crash the system.
In a previous blog post, I have cited the preceding paragraph of information. Isn’t is time
you the reader switch to a Linux Operating System? Comments welcome.