Kaiji – a new strain of IoT malware seizing control and launching DDoS attacks

TempestCatto · May 15, 2020

Quote

Kaiji,named by researcher MalwareMustDie after one of the function names they observed in the malware’s code (but also the name of a series of Japanese manga comic books), is believed to have originated in China, but is now spreading slowly around the world infecting new devices.

What won't these guys spread?

Quote

Instead it targets servers and ‘smart’ internet-connected devices via SSH brute forcing, taking advantage of administrators who are using weak or recycled passwords.

I NEVER leave the admin password as default. NEVER.

Quote

Once it has compromised the Linux server or IoT device, Kaiji can begin to launch DDoS attacks at the beck-and-call of its operators. It also steals any local SSH keys it finds, and launches further SSH brute-force attacks to infect other exposed devices on the internet.

Sounds like fun.

Quote

Furthermore, the security researchers believe that Kaiji confirms a growing trend for more online criminals to migrate to the Go language – sometimes referred to as GoLang – for their malware development rather than more common choices for IoT malware such as C and C++.

Lets ban all programing languages /jk

Well can't say I'm shocked. Malware and viruses are created with any and every new device that comes to market. Truly nothing is secure these days. Good thing I don't have any IOT devices then.

Aerosol Cheese: https://www.bitdefender.com/box/blog/iot-news/kaiji-new-strain-iot-malware-seizing-control-launching-ddos-attacks/?cid=soc|box|fb|IoTVulnerabilities&fbclid=IwAR3KrzZ_mXOVtVdtdP8MIVTqB2w5UpBBSe9FGD7z-napfEoAZsFJfzcdaWc

This tech news post is brought to you by the Ridge Wallet! Tired of carrying tons of old receipts, loose change, and a bulky pocket? Switch to Ridge and slim down that ye old leather bi fold. Go to RidgeWallet.com and use offer code LINUS at checkout and grab your new everyday carry, today!