Malwares have been known to corrupt machines or hold users’ data ransom.
But there is a new malware on the block that looks to simply render devices useless and its called Brickerbot.
So, what is Brickerbot?
According to a report, Brickerbot was discovered by cybersecurity company Radware and the aim of the malware is to render the hardware useless or in technical terms -- “Permanent Denial of Service” attack.
For example, if your security camera is linked to the internet, then Brickerbot will break into it remotely and then try to break it.
“A permanent denial of service attack is typically where you will try to override software or try to destroy hardware in such a way that the device cannot be recovered without experts doing recovery on the device,” Pascal Geenens, the researcher who discovered the malware, was quoted as saying to CBC.
Did such kind of bots exist earlier?
The CBC report claims that such bots were already present on the internet. Last year, similar remote attacks was seen using the Mirai botnet. Mirai was used in several large-scale network attacks, including the attacks that took down Twitter, Reddit, Netflix, Airbnb and others.
Mirai, just like Brickerbot, scans the internet and tries to find vulnerability on internet of things devices, like cameras, home routers and digital video recorders. Once Mirai identifies a vulnerability, it installs malware on the device and makes it part of a botnet, which is basically a large army of devices that can be used as weapons to take down websites.
However, Brickerbot doesn’t want to collect an army of devices by hosting via them, it simply kills the devices.
What type of devices are vulnerable to Brickerbot?
Simply put, any internet of things devices or internet-connected devices. Routers, IP cameras and digital video recorders seem to its first choice.
Part of the issue with some of these devices is that out of the box, they have a default password. And if nobody changes that password, it’s easy for malware like Mirai or Brickerbot to get in and wreak havoc.
What does a hacker gain using Brickerbot?
The maker of Brickerbot is unknown so motivations of making the malware is not confirmed yet. However, terrorist-like organisations can use this to create panic in large cities.
Interestingly, there are a few theories doing the rounds. One is that Brickerbot was created by someone who’s upset by the current state of security in the internet of things. The second is that it’s someone who’s angry at device manufacturers for not fixing security issues like easily guessable default passwords.
How to sheld yourself from a Brickerbot?
The good news is many consumer devices on the internet of things are sitting behind a gateway — like an router — so they’re not directly addressable from the public internet.
The other option, is simply to avoid so-called “smart home” devices or change the default password on devices such as routers and IP cameras. However, experts claim more such attacks are on the way.