Linux.Wifatch IoT Malware Puzzles Researchers

by Developer.com Staff

The malware appears to infect Internet of Things devices and then harden their security.

Security researchers at Symantec have released a report about a piece of Internet of Things (IoT) malware that has them fairly flummoxed. Thousands of devices, mostly in China, Brazil and Mexico, have been infected with Perl-based malware called Linux.Wifatch, which connects them to a peer-to-peer (P2P) network. So far, that seems like fairly typical malware behavior, but then things get strange.

Instead of delivering a malicious payload to the routers, smart home appliances and other devices it has infected, Linux.Wifatch appears to deliver threat updates that actually harden their security. "The further we dug into Wifatch's code the more we had the feeling that there was something unusual about this threat. For all intents and purposes it appeared like the author was trying to secure infected devices instead of using them for malicious activities," said the report.

At this point no one knows who is behind Linux.Wifatch and whether that person's intentions are ultimately good or evil.


This article was originally published on Friday Oct 2nd 2015