The words "Linux" and "malware" don’t tend to belong in the same sentence, but a new strain called Linux.MulDrop.14 is infecting Raspberry Pi devices. Infected machines are used to mine cryptocurrency for the malware's author, and it take advantage of poor security to generate money from nothing.
The good news is that the malware is fairly simple, and its spread is dependent on the laziness of Pi owners.
Linux.MulDrop.14 works by scanning the internet for Raspberry Pi devices with an open SSH port and the "pi" user password unchanged from the default. With these conditions met, it is a fairly simple matter for the malware to change the account password, before installing ZMap and sshpass software, and then getting to work mining cryptocurrency.
- Raspberry Pi Foundation's Raspbian OS to Soon Be Rebased on Debian 9 "Stretch"
- NetBSD Image for Raspberry Pi Updated to Improve Raspberry Pi 3 Boot Support
- Android-Based RaspAnd Linux OS for Raspberry Pi 3 Gets Better Video Performance
- Ubuntu's Snapd Daemon Now Works Properly on Raspberry Pi and Raspberry Pi Zero
- RaspAnd OS Brings Android 7.1.2 "Nougat" and Kodi 17.3 to Raspberry Pi 3 SBCs
- OpenELEC 8.0.4 Kodi-focused Linux distro now available for PC, Raspberry Pi, WeTek, and more