Raspberry Pi devices transformed into cryptocurrency miners by Linux malware


The words "Linux" and "malware" don’t tend to belong in the same sentence, but a new strain called Linux.MulDrop.14 is infecting Raspberry Pi devices. Infected machines are used to mine cryptocurrency for the malware's author, and it take advantage of poor security to generate money from nothing.

The good news is that the malware is fairly simple, and its spread is dependent on the laziness of Pi owners.

Linux.MulDrop.14 works by scanning the internet for Raspberry Pi devices with an open SSH port and the "pi" user password unchanged from the default. With these conditions met, it is a fairly simple matter for the malware to change the account password, before installing ZMap and sshpass software, and then getting to work mining cryptocurrency.

You'll probably have notice the simple solution here -- just change the password for the "pi" user to something other than the default. Oh, and perhaps think about changing the SSH port to something other than the default, and maybe not leaving it open. That's all it takes to stop your Pi being used to line someone else's pocket, and secure it against similar malware attacks that might not be quite as gentle on victims' machines.

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.