Wednesday, June 14th 2017
Linux Raspberry Pi Devices Being Infected by Cryptocoin "Mining Malware"
If you have your Raspberry Pi setup and have never changed the default password on the standard "pi" user, it's probably time to do so. A new malware has come out that exploits the simple fact several users apparently have never changed this password. Once it installs itself, it exploits the recent rise in value on cryptocurrency (Bitcoin recently topped $3000 per BTC) to mine cryptocoins for the authors benefit. This not only uses almost 100% of your poor Raspberry Pi's limited CPU, but also makes it part of a "mining botnet" that nets the controller money, adding insult to injury. The malware also makes an anonymous proxy on your box, which needless to say is probably not a good thing.
You might think you are safe behind a firewall, but with the rise of IPv6 on many ISPs and the fact that many older firewalls are not IPv6 ready, you may be surprised to find your SSH port is in fact exposed on the internet whether you know it or not via a global IPv6 address, NAT isn't a guarantee anymore, folks. It is in fact best to actually have a strong, non-default password on your box, even if it is just a little ARM-core.
Unfortunately, as Cryptocurrency rises in value and becomes more legitimate, it brings with it both positive, tangible benefits for society, and sadly, criminal fringe elements. I'd argue that the dollar is still the most widely used currency for criminal transactions, but there's more to it than that for certain. Maybe that's a topic for a future editorial? I don't know.
For now, just remember to always be vigilant in system security, as malware is sure to explode more than ever now that people have realized that they can make a profit on your misery.
Source:
BleepingComputer
Unfortunately, as Cryptocurrency rises in value and becomes more legitimate, it brings with it both positive, tangible benefits for society, and sadly, criminal fringe elements. I'd argue that the dollar is still the most widely used currency for criminal transactions, but there's more to it than that for certain. Maybe that's a topic for a future editorial? I don't know.
For now, just remember to always be vigilant in system security, as malware is sure to explode more than ever now that people have realized that they can make a profit on your misery.
9 Comments on Linux Raspberry Pi Devices Being Infected by Cryptocoin "Mining Malware"
You'd think it will be some kind of botnet for DDoS attacks, or scamming AdWords... but cryptomining?!
I'm wondering how many devices do you need to make any profit? 1K? 10K?
Meaningful profit is another story. It must be fairly widespread to even get anywhere. I'd picture knowing CPU-mining values, 100 devices would probably pull in a buck or so a day minimum. So we can bet it's at least that.
the community is smaller than the RPi, the SOC is a less liked one (not liked by KODI/OSMC/LibreElec specifically) ... but hey ... got Android 6.0 and TinkerOS got some sweet updates recently ...
let's hope it does not come to the Tinkerboard (well as it is quite more powerful than a Pi3 ... that may tempt the malware author .... or not ... thanks to the smaller community :laugh: )i had the official Strontronic RPi charger (tho technically not a charger ... there is nothing to charg on a RPi unless you have a battery on it) and it was not "shit"... although mine did cost more 19€ than 10€ also 5V 2.5A is a minima for the RPi3 i hope your 10€ charger was not under these values, nor did i had any issues you had on my own Pi3
on the other hand when purchased 2 fake RPi3 on Gearbest and Aliexpress for testing purpose (real fake, faked from PCB to the Box, not BananaPi or OrangePi as these are not bad at all) i got some error on updates using Raspbian, heck even OSMC or Libreelec refused to install on it ... :D (thought the SOC was still a Broadcom2837)