Home BrickerBot malware will brick unsecure Internet of Things devices

BrickerBot malware will brick unsecure Internet of Things devices

A new malicious software program targeting Linux-based Internet of Things (IoT) devices, called BrickerBot, has been spotted by cybersecurity vendor Radware.

BrickerBot is similar to Mirai, the destructive malware program that enlists corrupt IoT devices into botnets for denial-of-service (DDoS) attacks. Like Mirai, BrickerBot attacks unsecure devices that have not changed the default username and password.

See also: 5 IoT cybersecurity predictions for the coming year

Once inside the unsecure device, BrickerBot starts to permanently remove the storage and revokes Internet access, effectively killing the unit. This is the major difference between Mirai and BrickerBot; while Mirai uses the corrupt IoT devices, BrickerBot makes them unusable.

It is not known how many devices, if any, have fallen victim to a BrickerBot attack.

The attack does appear to be easy to pull off in theory, as all an attacker would need is remote access to the IoT device. Many of the devices are connected to the Internet through routers that suffer from the same poor authentication and encryption techniques.

Here are a few tips

The firm said it provides five solutions to make avoid a BrickerBot attack:

  • Change the device’s factory default credentials.
  • Disable Telnet access to the device.
  • Network Behavioral Analysis can detect anomalies in traffic and combine with automatic signature generation for protection.
  • User/Entity behavioral analysis (UEBA) to spot granular anomalies in traffic early.
  • An IPS should block Telnet default credentials or reset telnet connections.

It is another sign that IoT devices need at least basic security to avoid catastrophic damage to commercial and industrial devices. Most manufacturers still lack basic encryption and do not teach users how to change the username and password.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.