“
Security researchers have discovered the first IoT botnet malware strain that can survive device reboots and remain on infected devices after the initial compromise.
This is a major game-changing moment in the realm of IoT and router malware. Until today, equipment owners could always remove IoT malware from their smart devices, modems, and routers by resetting the device.
The reset operation flushed the device’s flash memory, where the device would keep all its working data, including IoT malware strains.
“Hide and Seek” malware copies itself to /etc/init.d/
But today, Bitdefender researchers announced they found an IoT malware strain that under certain circumstances copies itself to /etc/init.d/, a folder that houses daemon scripts on Linux-based operating systems — like the ones on routers and IoT devices.
By placing itself in this menu, the device’s OS will automatically start the malware’s process after the next reboot.
The malware strain that achieved something that even the Mirai strain couldn’t is called Hide and Seek (HNS) — also spelled Hide ‘N Seek.”
– https://www.bleepingcomputer.com/news/security/hide-and-seek-becomes-first-iot-botnet-capable-of-surviving-device-reboots/
--
Regards
wasbit
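A defender's check for the persistence location the quoted article names, as an added example that is not part of the post or the article: it records a hash baseline of a boot-script directory such as /etc/init.d/ and later reports entries that are new, changed or missing. The function names and the baseline format are assumptions of this example, as is the availability of `sha256sum` and `awk` on the device.

```shell
#!/bin/sh
# Added example (not from the quoted article): baseline a boot-script
# directory such as /etc/init.d/ and report files that appear or change.
# Function names and the "<sha256>  <name>" baseline format are assumptions.

# Print "<sha256>  <name>" for each regular file (hidden ones too) in $1.
initd_snapshot() {
    for f in "$1"/* "$1"/.[!.]*; do
        [ -f "$f" ] || continue
        printf '%s  %s\n' "$(sha256sum "$f" | cut -c1-64)" "${f##*/}"
    done | LC_ALL=C sort -k2
}

# Compare directory $1 with baseline file $2.
# Prints NEW/CHANGED/MISSING lines; returns 1 if anything differs.
initd_compare() {
    # A hash is 64 hex characters plus two spaces, so the name starts at column 67.
    initd_snapshot "$1" | awk -v base="$2" '
        BEGIN { while ((getline l < base) > 0)
                    old[substr(l, 67)] = substr(l, 1, 64) }
        { name = substr($0, 67); seen[name] = 1
          if (!(name in old))                      { print "NEW " name; bad = 1 }
          else if (old[name] != substr($0, 1, 64)) { print "CHANGED " name; bad = 1 }
        }
        END { for (n in old) if (!(n in seen)) { print "MISSING " n; bad = 1 }
              exit bad + 0 }'
}

# Constructed demo: a throwaway directory stands in for /etc/init.d/.
demo() {
    d=$(mktemp -d) && b=$(mktemp)
    printf '#!/bin/sh\n# network\n' > "$d/network"
    initd_snapshot "$d" > "$b"        # taken while the device is known-good
    printf '#!/bin/sh\n# constructed new entry\n' > "$d/S99sample"
    initd_compare "$d" "$b" || echo "boot scripts differ from baseline"
    rm -rf "$d" "$b"
}

if [ "${1:-}" = demo ]; then demo; fi
```

The baseline is only meaningful if it is taken while the device is known-good and kept somewhere the device itself cannot rewrite.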