New Linux Trojans installs crypto currency mining software on Raspberry Pi

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Jun 9, 2017.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

  2. Raplapla

    Raplapla Member

    Thanks for the news, it’s interesting to know about Linux viruses (as a Linux user myself). But I don’t think many people who run an internet-accessible ssh server with the default login and password read guru3d ;).
     
  3. Ghosty

    Ghosty Ancient Guru

    It's nice that they named it Linux. To avoid any confusion.... Default username and password? Does such a thing exist? Interesting read though. Thanks.
     
    Last edited: Jun 9, 2017
  4. scoter man1

    scoter man1 Ancient Guru

    On the Raspberry Pi, yes. It's always User = raspberry, password = pi.

    It's honestly pretty brilliant. Target Linux newbies that have no idea of what they are doing.
     

  5. Extraordinary

    Extraordinary Ancient Guru

    Other way around I think, User - pi, Pass - raspberry
     
  6. RealNC

    RealNC Ancient Guru

    When you buy a router, it has a default user and password for the initial login. You are supposed to change it.

    Many people don't. Or they think that just because it runs Linux, they're safe, not realizing that it doesn't matter what OS you run if everyone has the login password...
     
    Last edited: Jun 9, 2017
  7. rl66

    rl66 Ancient Guru

    You can't count the companies with

    name: admin and password: admin, 1234, 0000 etc.

    for critical equipment, it's easier for both :banana: (message to the IT of those companies :) )
     
  8. Ghosty

    Ghosty Ancient Guru

    I love making my passwd's as hard to remember as possible. Keeps me thinking.
     
  9. schmidtbag

    schmidtbag Ancient Guru

    Normally no, such a thing doesn't exist, but most ARMv7 platforms (and many ARMv8) are an exception since they don't have a traditional way of installing an OS. There's no BIOS, there's not an MBR (in the traditional sense), and there's little to no POST process. As a result, you can't manually tell an ARM platform how and where to boot to, which also means you can't run an installer. What this means is you often need to download pre-built disk images and dd them to something the ARM board was pre-programmed to read from, such as an SD card.

    That being said, someone basically has to dictate how the OS is set up, and you're then given a default username and password. Thankfully, many disk images are pretty barebone, where you're pretty much just given a command prompt and the essential Unix-like commands. That's the way I personally prefer my setups to be when doing a fresh new install.
     
    Last edited: Jun 9, 2017
  10. Fender178

    Fender178 Ancient Guru

    Or if you have a modded original Xbox, the default user name and password are both Xbox for FTPing files.

    Very interesting that they would target something like this.
     

  11. Ghosty

    Ghosty Ancient Guru

    Yes it is. Raspberry Pi would be the last product you would expect to be targeted by something like a targeted trojan.
     
  12. schmidtbag

    schmidtbag Ancient Guru

    Not at all, Pis are used for all sorts of juicy content that people wouldn't want to give away to just anyone, such as cryptocurrency, webcams, source code, or personal files (many people use Pis as an NAS).
     
  13. Ghosty

    Ghosty Ancient Guru

    Shows how little I know then. :)
     
  14. Extraordinary

    Extraordinary Ancient Guru

    I run a RP3 as a NAS
     
  15. Ghosty

    Ghosty Ancient Guru


    [IMG]
     

  16. Extraordinary

    Extraordinary Ancient Guru

    Yep, that looks exactly like my NAS
     
  17. PrMinisterGR

    PrMinisterGR Ancient Guru

    An extraordinary NAS.
     
  18. fredgml7

    fredgml7 Member Guru

    OK, it's a Linux malware, but it's not a Linux fault. People should just block the default user and not allow direct root account login.
     
  19. ender79

    ender79 Member Guru

    It is always a bad idea to allow direct root login in Linux. But it is not so hard to change the user and pass for ftp, ssh... etc., even the port for ssh I'm changing from default 22 to whatever I want.
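
The two checks suggested in the last posts (no direct root login, default user blocked), written as a small `sshd_config` audit. This is an added example, not part of any forum post; the function names and both sample configurations are constructed for illustration, and it assumes OpenSSH 7.0+ defaults, does not follow `Include` files, does not evaluate `Match` blocks, and cannot tell whether the `pi` password itself was changed.

```python
import fnmatch

# sshd's built-in values when a keyword is absent (OpenSSH 7.0 and later).
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}
LIST_KEYS = ("allowusers", "denyusers")  # repeated lines accumulate

def parse_global(text):
    """Parse the global section; for ordinary keywords sshd keeps the FIRST value."""
    single, lists = {}, {k: [] for k in LIST_KEYS}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()  # "Keyword=value" is also valid
        if not parts:
            continue
        key, args = parts[0].lower(), parts[1:]
        if key == "match":  # Match blocks (conditional overrides) are not evaluated
            break
        if key in LIST_KEYS:
            lists[key].extend(args)
        elif args:
            single.setdefault(key, args[0].lower())
    return {**DEFAULTS, **single}, lists

def user_allowed(user, lists):
    """Apply DenyUsers, then AllowUsers; user@host patterns are reduced to the user part."""
    def hit(patterns):
        return any(fnmatch.fnmatchcase(user, p.split("@")[0]) for p in patterns)
    if hit(lists["denyusers"]):
        return False
    return hit(lists["allowusers"]) if lists["allowusers"] else True

def audit(text, default_user="pi"):
    """Return findings for the two weaknesses discussed in the thread."""
    cfg, lists = parse_global(text)
    findings = []
    if cfg["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin yes: direct root login is allowed")
    if cfg["passwordauthentication"] == "yes" and user_allowed(default_user, lists):
        findings.append(f"default user '{default_user}' can log in with a password")
    return findings

# Constructed sample configurations (not taken from any real host).
WEAK = "Port 22\nPermitRootLogin yes\nPermitRootLogin no\n"
HARDENED = "Port 2222\nPermitRootLogin no\nPasswordAuthentication=no\nDenyUsers pi\n"

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

In the `WEAK` sample the later `PermitRootLogin no` has no effect, because sshd uses the first value it reads for a keyword.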
     
