Researchers from Russian antivirus vendor Dr. Web have found a new type of Linux malware that infects Raspberry Pi computers. The malware is called Linux.MulDrop.14. and it’s actively distri... New Linux Trojans installs crypto currency mining software on Raspberry Pi
Thanks for the news, it’s interesting to know about Linux viruses (as a Linux user myself). But I don’t think many people who run an internet-accessible ssh server with the default login and password read guru3d .
It's nice that they named it Linux. To avoid any confusion.... Default username and password? Does such a thing exist? Interesting read though. Thanks.
On the Raspberry Pi, yes. It's always User = rasberry, password = pi. It's honestly pretty brilliant. Target linux newbies that have no idea of what they are doing.
When you buy a router, it has a default user and password for the initial login. You are supposed to change it. Many people don't. Or they think that just because it runs Linux, they're safe, not realizing that it doesn't matter what OS you run if everyone has the login password...
You can't count company with name: admin and password: admin , 1234, 0000 etc for critical equipement, it's more easy for both :banana: (message to the IT of those companies )
Normally no, such a thing doesn't exist, but most ARMv7 platforms (and many ARMv8) are an exception since they don't have a traditional way of installing an OS. There's no BIOS, there's not an MBR (in the traditional sense), and there's little to no POST process. As a result, you can't manually tell an ARM platform how and where to boot to, which also means you can't run an installer. What this means is you often need to download pre-built disk images and dd them to something the ARM board was pre-programmed to read from, such as an SD card. That being said, someone basically has to dictate how the OS is set up, and you're then given a default username and password. Thankfully, many disk images are pretty barebone, where you're pretty much just given a command prompt and the essential Unix-like commands. That's the way I personally prefer my setups to be when doing a fresh new install.
Or if you have a modded original Xbox the default User Name and password is both Xbox for FTPing files. Very interesting that they would target something like this.
Yes it is. Rasberry PI would be the last product you would expect to be targeted by something like a targeted trojon.
Not at all, Pis are used for all sorts of juicy content that people wouldn't want to give away to just anyone, such as cryptocurrency, webcams, source code, or personal files (many people use Pis as an NAS).
Ok, It's a Linux malware, but It's not a Linux fault. People should just block the default user and not allow direct root account login.
Is always a bad ideea to allow direct root login in linux. But is not so hard to change the user and pass for ftp,ssh... etc, even the port for ssh i'm changing from default 22 to what ever I want
