Experimental Shishiga Malware Targets Linux

Schtask

In the real world, the Shishiga has taken on a more ethereal form. Researchers at ESET have discovered a nasty piece of malware that operates by brute-forcing weak Telnet and SSH credentials on the Linux OS in an effort to plant itself on a victim device. Upon first inspection, Linux/Shishiga might appear to be like other LuaBot-inspired malware. The difference being that those malware samples target weak Telnet and SSH credentials, while Shishiga leverages the BitTorrent protocol in the same manner as the Mirai-style worm called Hajime. This malware was observed last year and seems to be gaining popularity.
 
Gaining popularity is never a good thing in the world of malware, at least from my perspective. Please do not turn this into a BS Linux vs. Windows thread, thanks. All operating systems, including those on phones, are vulnerable, but it is just a matter of whether it is worth attacking or not.
 
Cool, we get the crap from Windows, instead of the good, like Photoshop or the Arkham games.... :D
 
Just goes further to show that all IoT devices should be set up on their own subnet and not externally accessible; I can think of no good reason why any IoT device would need to be directly accessed off site.
 
IoT is the dumbest invention ever. It's going to cause so much trouble.

Not so much a dumb invention as it is a dumb implementation. Many liked the idea of a "smart home" that we can control with our voice.

Up until recently, it took special networks of devices (like ZigBee, x10, or equivalent) to do things. These were all controlled by a central device (or series of devices) that were locked behind firewalls or not connected to the internet. These devices had a tech knowledge gap preventing general adoption. The key was that the outlet, or circuit, talked through proprietary communication to a central control hub. When implemented, it's awesome and works great. But it's not easy for the masses.

Someone decided that to appeal to the masses, the devices needed to be simple, they needed to be idiot proof, and to facilitate that, they needed to be cloud connected. Hence the rise of the risky IoT device. Everyday things like lightbulbs and cameras that get plugged in and "just work" by being their own Linux box. Because of the mass rollout of devices created by tech startups more worried about traction versus device security, many will remain unpatched, and many will be compromised.
 
Not so much a dumb invention as it is a dumb implementation. Many liked the idea of a "smart home" that we can control with our voice.

Up until recently, it took special networks of devices (like ZigBee, x10, or equivalent) to do things. These were all controlled by a central device (or series of devices) that were locked behind firewalls or not connected to the internet. These devices had a tech knowledge gap preventing general adoption.

Someone decided that to appeal to the masses, the devices needed to be simple, they needed to be idiot proof, and to facilitate that, they needed to be cloud connected. Hence the rise of the risky IoT device.

Basically this. Without IoT I couldn't have a hope in hell of monitoring and controlling the large Heating Control Systems we have in place, but it all runs on BACnet, to dedicated controllers running in building which communicate internally to a dedicated controller which is then locked down and only accessible via specific protocols on specific non-default ports from a very limited list of IP addresses. Our meeting spaces are a similar setup, only using Control4 equipment; it is a pain to set up, and even more painful on the wallet, but again static IPs on a dedicated subnet communicating to dedicated and walled-off controllers. And before anybody starts on the "why would you do that, it's such a waste of time and resources to monitor all that", the equipment and configuration has basically paid for itself in reduced operating costs; we managed to trim a few thousand a month out of our energy bills while improving working conditions for everybody in the process. IoT is a beautiful thing when properly implemented with planning and forethought.
 
Cool, we get the crap from Windows, instead of the good, like Photoshop or the Arkham games.... :D

I know we get into it around here on this subject, but Linux is extremely popular on servers; there's malware out there for it, but it's not really designed with desktops in mind.
 
I know we get into it around here on this subject, but Linux is extremely popular on servers; there's malware out there for it, but it's not really designed with desktops in mind.
I know, since so many servers are running Linux, they are indeed one heck of a target.
 
I know, since so many servers are running Linux, they are indeed one heck of a target.

Don't get me started on what happens when Apache Tomcat is left on the open net with default credentials. Happens. All. The. Time. FFS.
 
A prime example of what can happen when the IoT goes wrong. The Bhopal incident was not Cyber Security related... But, imagine if you will, just how many open SCADA devices reside on the net.

Take a gander at Shodan... Suddenly, internet facing SCADA controls for a chlorine system don't seem that far-fetched. I know for a fact they aren't. Black Hills Security came across that very scenario not long ago.

"But SCADA isn't really IOT". I've actually heard this.

Hell yes, it is. Let's talk about what the internet of things really can do. Mirai botnet created some of the largest recorded DDoS attacks ever. Remote control of vehicles. GPS data leakage through Nest Thermostats. The Target breach was via SCADA HVAC systems. WebCam hacking in your kid's bedroom, or your living room. Infrastructure control systems. The list seems to be infinite.

IOT is great when implemented correctly. Sadly, it usually isn't. Especially in places where it should be.
 
The Home of Tomorrow cartoons never mentioned that China could hold my toaster hostage.
 
Not so much a dumb invention as it is a dumb implementation. Many liked the idea of a "smart home" that we can control with our voice.

Up until recently, it took special networks of devices (like ZigBee, x10, or equivalent) to do things. These were all controlled by a central device (or series of devices) that were locked behind firewalls or not connected to the internet. These devices had a tech knowledge gap preventing general adoption. The key was that the outlet, or circuit, talked through proprietary communication to a central control hub. When implemented, it's awesome and works great. But it's not easy for the masses.

Someone decided that to appeal to the masses, the devices needed to be simple, they needed to be idiot proof, and to facilitate that, they needed to be cloud connected. Hence the rise of the risky IoT device. Everyday things like lightbulbs and cameras that get plugged in and "just work" by being their own Linux box. Because of the mass rollout of devices created by tech startups more worried about traction versus device security, many will remain unpatched, and many will be compromised.

The term IoT in its current form basically means that every device that is not required to be internet connected, is. This not only creates huge security risks to users but also unnecessary traffic that loads the internet and, due to weak security, a free botnet for criminals.
 
The Home of Tomorrow cartoons never mentioned that China could hold my toaster hostage.

More like use it as an access point to your network.

The biggest problem with IoT isn't the OS running the devices; it's the piss-poor security implementation on behalf of the manufacturers.

This has got nothing to do with the increasing popularity of desktop Linux; it's got everything to do with the increasing popularity of cheap IoT devices.
 