The words "Linux" and "malware" don’t tend to belong in the same sentence, but a new strain called Linux.MulDrop.14 is infecting Raspberry Pi devices. Infected machines are used to mine cryptocurrency for the malware's author, and it take advantage of poor security to generate money from nothing.
The good news is that the malware is fairly simple, and its spread is dependent on the laziness of Pi owners.
Linux.MulDrop.14 works by scanning the internet for Raspberry Pi devices with an open SSH port and the "pi" user password unchanged from the default. With these conditions met, it is a fairly simple matter for the malware to change the account password, before installing ZMap and sshpass software, and then getting to work mining cryptocurrency.
- Raspbian Linux OS for Raspberry Pi Is Now Based on Debian GNU/Linux 9 "Stretch"
- Android-Based RaspAnd OS Updated for Raspberry Pi 3 with Google Play Support
- RaspEX Linux Brings Ubuntu 17.04 with LXDE Desktop to Raspberry Pi 3 and 2 SBCs
- Canonical Starts Work on a Linux 4.12 Kernel for Ubuntu 17.10 for Raspberry Pi 2
- GPIO Zero 1.4 Is Out for Raspberry Pi SBCs, Update Your Raspbian Linux OS Now
- SolydXK 9 Linux OS Debuts Based on Debian 9 Stretch, Drops Raspberry Pi Support