A hacker that goes by the name The Janitor has reportedly created several versions of BrickerBot, a program that seeks out and bricks insecure Internet of Thing (IoT) devices.
According to a report in TechCrunch, researcher Pascal Geenens has been following the so-called worm for some weeks now and has witness it pop up and destroy webcams and other IoT devices that are infected. The devices being targeted use BusyBox, a Linux software. The hacker has exposed telnet interfaces with default passwords, turning them into denial-of-service (DoS) tools. BrickerBot locates the devices and makes them unusable. The report noted the first attack impacted around a thousand devices, and alternate versions of the worm was able to attack thousands more.
“Like so many others, I was dismayed by the indiscriminate DDoS [distributed DoS] attacks by IoT botnets in 2016. I thought for sure that the large attacks would force the industry to finally get its act together, but after a few months of record-breaking attacks, it became obvious that in spite of all the sincere efforts, the problem couldn’t be solved quickly enough by conventional means,” wrote The Janitor according to TechCrunch. “I consider my project a form of ‘internet chemotherapy’; I sometimes jokingly think of myself as The Doctor. Chemotherapy is a harsh treatment that nobody in their right mind would administer to a healthy patient, but the internet was becoming seriously ill in Q3 and Q4/2016, and the moderate remedies were ineffective.”
Reports of a new worm are just the latest concerns for IoT devices in the marketplace. Last fall record-breaking digital attacks from the same unnamed individual or group had taken down a host of online sites. According to a Forbes report back then, these significant DDoS attacks even successfully knocked independent cybersecurity news site Krebs on Security offline with somewhere between 600 gigabits per second and 700 gigabits per second of traffic.