Security Researchers have uncovered a Windows Trojan designed to help hackers infect Linux devices with Mirai malware. Russian security software company Dr Web claims to have uncovered the Windows Mirai Trojan, which it has labelled Trojan.Mirai.1. It is targeted at Windows PCs, and when established it scans the user’s network for evidence of compromisable Linux-based connected devices. The malware can also identify a wide variety of host software, including MySQL and Microsoft SQL Server databases. The Mirai malware was originally developed during 2015 and 2016 and used in a variety of targeted attacks, allegedly related to a Minecraft server protection racket. However, after the source code was leaked, it was used to harness together a bot-net of connected devices, which was used to launch large-scale distributed denial of service (DDoS) attacks. Mirai takes advantage of old, unpatched and insecure versions of Linux running on connected devices, particular digital video recorders used to record CCTV images, which are often connected to the internet so that their owners can keep an eye on the security of their homes and businesses. The designers of the CCTV systems and DVRs typically make the devices easy to set-up for internet viewing – but also punch large holes in owners’ security in the process. The Windows Trojan is designed to get the Mirai malware onto even more devices. It’s not definitely known who might be responsible for it, although security journalist Brian Krebs has already pointed the finger at an alleged culprit following an in-depth investigation over several months.
Submitted by: Arnfried Walbrecht