The new Silex malware has struck: thousands of IoT devices were attacked and rendered useless within hours.
ZDNet reports that attacks are still ongoing and, according to an interview with the malware’s creator, are about to intensify in the coming days.
According to Akamai researcher Larry Cashdollar, who first spotted the malware earlier today, Silex works by trashing an IoT device’s storage, dropping firewall rules, removing the network configuration, and then halting the device.
“It’s using known default credentials for IoT devices to log in and kill the system,” Cashdollar told ZDNet in an email. “It’s doing this by writing random data from /dev/random to any mounted storage it finds.
“I see in the binary it’s calling fdisk -l which will list all disk partitions,” Cashdollar added. “It then writes random data from /dev/random to any partitions it discovers.”
“It’s then deleting network configurations, […] also, it’s [running] rm -rf / which will delete anything it has missed.”
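For defenders, the sequence Cashdollar describes (partition listing, random-data overwrite, recursive delete, halt) can be correlated per login session in honeypot or shell audit logs. The Python sketch below is an added example, not code from the article or from Akamai; the command forms in the patterns, the inclusion of /dev/urandom, and the sample sessions are constructed assumptions.

```python
import re

# Patterns cover only behaviours named in the article. The concrete command
# forms (shell redirect or dd-style "of=") and the bare "halt" are assumptions.
STAGES = {
    "enumerate_partitions": re.compile(r"\bfdisk\s+-l\b"),
    "random_overwrite": re.compile(r"/dev/u?random\b.*(?:>|\bof=)\s*/dev/\w+"),
    "recursive_root_delete": re.compile(r"\brm\s+-(?:rf|fr)\s+/(?:\s|$)"),
    "halt": re.compile(r"^\s*halt\b"),
}
DESTRUCTIVE = {"random_overwrite", "recursive_root_delete"}


def classify_session(commands):
    """Return (stages in first-seen order, severity) for one login session."""
    seen = []
    for line in commands:
        for name, pattern in STAGES.items():
            if name not in seen and pattern.search(line):
                seen.append(name)
    hits = DESTRUCTIVE.intersection(seen)
    if not hits:
        severity = "none"        # e.g. an admin running fdisk -l on its own
    elif len(seen) == 1:
        severity = "suspicious"  # one destructive command in isolation
    else:
        severity = "wiper"       # destructive step combined with another stage
    return seen, severity


# Constructed command transcripts (not captured from real devices).
SESSION_WIPER = [
    "fdisk -l",
    "cat /dev/random > /dev/mtdblock0",
    "rm -rf /",
    "halt",
]
SESSION_ADMIN = [
    "fdisk -l",
    "head -c 16 /dev/urandom > /tmp/seed",  # random data, but not to a device
    "rm -rf /tmp/cache",                    # recursive delete, but not of /
]

if __name__ == "__main__":
    for label, session in (("wiper", SESSION_WIPER), ("admin", SESSION_ADMIN)):
        print(label, classify_session(session))
```

Since the article notes that Silex logs in with known default credentials, an alert from this kind of rule is most useful when joined with the authentication record for the same session.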
For more, read: New Silex malware is bricking IoT devices, has scary plans