Google Play icon

Update: Symantec discovers Linux.Darlloz worm targetting embedded systems

Posted December 3, 2013

Kauro Hayashi of Symantec announced the discovery of a malicious worm, named Linux.Darlloz, infecting Linux powered embedded systems. The worm seems to be targeted at the ‘Internet of things’, basically, any device capable of obtaining an IP address and connecting to the Internet. Common examples include home routers, security cameras and set-top boxes. Linux is widely used in such devices.

The worm exploits a vulnerability in PHP which was patched more than one and half years back, in May 2012. This worm currently targets the x86 architecture. However, variants for  ARM, PPC, MIPS and MIPSEL have been found on the server hosting this worm. As can be inferred, an opportunity presents itself to the worm to propagate and infect a huge number of devices.

As per the post, the worm propagates by finding out devices which use familiar login credentials. For e.g. many routers are set up with default login and password which use common keywords. Once the worm is able to successfully hack into a system, it downloads itself into the device, generates random IP addresses to find the next victim. Currently, the worm seems only to propagate and has not known to perform any other malicious action.

Symantec recommends the following actions to protect a system from attack –

  1.  Verify all devices connected to the network
  2. Update their software to the latest version
  3. Update their security software when it is made available on their devices
  4. Make device passwords stronger
  5. Block incoming HTTP POST requests to the following paths at the gateway or on each device if not required:
    • /cgi-bin/php
    • -/cgi-bin/php5
    • -/cgi-bin/php-cgi
    • -/cgi-bin/php.cgi
    • -/cgi-bin/php4

What complicates matters is that users may not even know that they are at risk as vendors of routers or set-top boxes are extremely lazy to keep such devices updated.

Source: Muktware

Featured news from related categories:

Technology Org App
Google Play icon
84,082 science & technology articles

Most Popular Articles

  1. Efficiency of solar panels could be improved without changing them at all (September 2, 2019)
  2. Diesel is saved? Volkswagen found a way to reduce NOx emissions by 80% (September 3, 2019)
  3. The famous old Titanic is disappearing into time - a new expedition observed the corrosion (September 2, 2019)
  4. The Time Is Now for Precision Patient Monitoring (July 3, 2019)
  5. Europe and US are Going to Try and Deflect an Asteroid (September 6, 2019)

Follow us

Facebook   Twitter   Pinterest   Tumblr   RSS   Newsletter via Email