Linux.MulDrop.14, as the malware has been snappily named, infects Raspberry Pi devices which have been connected to the internet – but only those which have been left with the default username and password in place.
If that’s the case, the malware author can hijack the Pi, whereupon it installs ZMap and sshpass software, and proceeds to begin mining virtual currency for the benefit of the nefarious party at the other end of this setup.
Obviously, there’s one thing that owners of the mini-computer board should do if they are going to connect their device to the internet, and that’s change these defaults.
As we’ve seen throughout the years, leaving these details at their defaults is a bad idea for any net-connected device, and many routers have been compromised because of this.
June is shaping up to be a pretty dodgy month when it comes to malware, given that Shadow Brokers has promised it’s going to release a fresh load of pilfered NSA hacking tools to those willing to pay for them. These will be aimed at cracking everything from Windows 10 PCs down to the likes of routers and phones, the organisation has previously said.
It was a stolen NSA hacking tool which the recent WannaCry ransomware was built around, just to give you some idea of the scale of malware assault we could potentially face later this month.
As ever, always keep your software and operating system up-to-date – and never leave default login credentials in place on your connected devices.
- Pair up your Raspberry Pi with one of our best monitors