Sindoni Says

     Sindoni Says

 Trust But Verify...


Windows Helping The Spread of loT Malware

Posted on May 30, 2017 at 1:40 PM

Dr. Web, a cyber firm, has found a Windows trojan that helps spread the infamous

Mirai botnet across LoT (Internet of Things) devises. The newly found trojan targets

Windows systems, and once installed, the trojan scans the network for connected LoT

devises. If it finds a vulnerable devise, it compromises the devise and uses it in later

attacks. Last year in October, Mirai brought down a huge chunk of the Internet by

launching a DDoS (Distributed Denial of Service attack on the DYN managed DNS


The Windows trojan doesn’t stop at compromising the LoT devises; it continues to

spread itself to other Windows devises to further find and exploit more LoT devises.

Researchers noted that the malware could also identify and compromise database

services running on various ports, including MySQL and Microsoft SQL, to create

a new admin phpminds with the password phpgodwith, allowing attackers to steal

the database.

At this time, it is not known who created the trojan, but the attack design demonstrates

that LoT devises that are not directly accessible from the Internet can also get hacked

to join the Mirai botnet army.

LoT devises are already vulnerable to infection, so why are malware writers targeting

Windows? Primarily because Windows still dominate the market and it gives the

malware writer’s another platform to spread the botnet.

This is not the only security hole plaguing Microsoft’s products. Earlier, Google disclosed

flaws in Microsoft’s GDI library that affects every Window version all the way back to

Windows Vista. Another unpatched flaw that effects the SMB protocol, allowing attackers

to crash the system.

In a previous blog post, I have cited the preceding paragraph of information. Isn’t is time

you the reader switch to a Linux Operating System? Comments welcome.

Categories: None

Post a Comment


Oops, you forgot something.


The words you entered did not match the given text. Please try again.

Already a member? Sign In