mhbell Posted June 29, 2017 Share Posted June 29, 2017 Well Folks it looks like as Linux is gaining popularity it is also gaining more virus and Malware from Cyber Criminals. Up 36 percent. Mel Linux malware is becoming a more important tool for cybercriminals as these individuals focus a greater portion of their attention on attacking IoT devices running the open-source operating system. WatchGuard's Internet Security Report Q1 2017 found malware targeting Linux now comprises 36 percent of all malware spotted by WatchGuard with three Linux variants, Linux/Exploit, Linux/Downloader and Linux/Flooder, being included in the list of top 10 malware samples of the first quarter. For good measure the report argues PERL/ShellBot could also be considered a Linux malware as it primary targets systems running that software. Read More Here 2 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted June 29, 2017 Share Posted June 29, 2017 Well there is a simple reason for IoT devices getting hacked. They all use the same ports and default username/passwords. Sort of like how you can get a list of default router username/passwords easily enough by googling, the same holds true for these smart appliances. I watched a security talk the other week that was talking about this same, exact thing. Basically there are all the interconnected devices coming out but none of them offer any kind of real security so you are left with tons of devices that do not allow you to change the default password and such. The only reason why it is linux getting attacked is because these devices run embedded linux. Unless you understand how to configure your devices (mac filtering and such), these IoT devices are currently wide open for anyone to look up and attack. 3 Quote Link to comment Share on other sites More sharing options...
goretsky Posted June 30, 2017 Share Posted June 30, 2017 Hello, I did a presentation a few years ago for work in which I referred to it as "The Internet of Infected Things." I wonder if we ever put the slide deck up anywhere? What's interesting is that the targets on attacks still seems to follow a bathtub curve. The little IoT devices mark one peak, while the big server farms mark the other. In the middle, desktops don't seem to be of much interest. Admittedly, there is little ROI for an attacker to go after Linux desktops--they tend to be run by tech-savvy users who usually know a thing or two about security. I would imagine that, financially-speaking, there's probably more of an advantage to attacking Macs, since as more expensive computers, they likely belong to people who have larger bank accounts to steal from. Regards, Aryeh Goretsky 3 Quote Link to comment Share on other sites More sharing options...
abarbarian Posted June 30, 2017 Share Posted June 30, 2017 Yep them there Apple users sure do come in useful. There is nothing like a fat juicy sacrificial goat to attract the attention of hungry wolves. The best of it is a great deal of Apple users feel that they are invulnerable and take no precautions at all. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted June 30, 2017 Share Posted June 30, 2017 Hello, I did a presentation a few years ago for work in which I referred to it as "The Internet of Infected Things." I wonder if we ever put the slide deck up anywhere? What's interesting is that the targets on attacks still seems to follow a bathtub curve. The little IoT devices mark one peak, while the big server farms mark the other. In the middle, desktops don't seem to be of much interest. Admittedly, there is little ROI for an attacker to go after Linux desktops--they tend to be run by tech-savvy users who usually know a thing or two about security. I would imagine that, financially-speaking, there's probably more of an advantage to attacking Macs, since as more expensive computers, they likely belong to people who have larger bank accounts to steal from. Regards, Aryeh Goretsky Do you publish those talks online in a central place? I would enjoy watching them. I have seen various Eset ones before that you were in but would like to see more. 2 Quote Link to comment Share on other sites More sharing options...
goretsky Posted June 30, 2017 Share Posted June 30, 2017 (edited) Hello, The slide deck in question is at https://www.slidesha...ewfinal-for-pub, with the actual IoT stuff starting on slide 14. The talk is hosted at https://www.brightta.../110971. All the talks can be found at https://www.brightta...hreats-channel. You have to sign up for BrightTalk in order to watch talks, but it's free to do so. Be sure to uncheck any newsletter-type options, though, I seem to recall them being a bit "chatty" when I set up my account. Regards, Aryeh Goretsky Edited July 1, 2017 by goretsky fixed HTML 2 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted July 1, 2017 Share Posted July 1, 2017 Hello, The slide deck in question is at https://www.slidesha...ewfinal-for-pub, with the actual IoT stuff starting on slide 14. The talk is hosted at https://www.brightta.../110971.  All the talks can be found at https://www.brightta...hreats-channel. You have to sign up for BrightTalk in order to watch talks, but it's free to do so. Be sure to uncheck any newsletter-type options, though, I seem to recall them being a bit "chatty" when I set up my account. Regards, Aryeh Goretsky Will do, thanks man Ha, I already have an account there. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.