CATEGORIES
home News

Linux Malware Infects Raspberry Pi Devices Making Them CryptoCurrency Mining Zombies

by Rob WilliamsSaturday, June 10, 2017, 02:30 PM EDT

If you're a Raspberry Pi user who's never changed the default password of the "pi" user, then heed this warning: change it. A brand new piece of malware has hit the web, called "Linux.MulDrop.14", and it preys on those who haven't secured their devices properly.

Linux.MulDrop.14 looks to be a simple piece of malware, but what it does wouldn't be acceptable by any RPi owner. After scanning for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software, and then it configures itself.

raspberry pi 3

The ultimate goal of Linux.MulDrop.14 is to make digital money for someone else, namely the author or the malware, using your Raspberry Pi. Because of the heavy workload nature of mining cryptocurrency, it essentially means that your RPi would be run at peak load 100% of the time, which equates to peak wattage. That of course amounts to added power consumption in your household, and thus a higher electric bill, not to mention degraded performance in whatever the primary task of your RPi originally was.

The real kicker is the fact that because your hardware running at peak load by someone else's doing means that you're paying money so that someone else can fill their digital wallet, adding insult to injury.

When malware like this rises to the surface, a common thought is that "hopefully the bug will be patched soon", but in this case, there's no real bug - it's just a matter of a password being left at its default. That said, there could be some initial warning after setting up an RPi to change that password, because not changing it, and having SSH open on a default port, means people are leaving web servers open for attack without even realizing it. And that perfectly explains why cryptocurrency-related malware is becoming so prevalent - it directly feeds someone's wallet, and for little effort, once it lands on a target device.

Tags:  Malware, Linux, Raspberry Pi, cryptocurrency, ethereum
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment