- The new IoT malware comes with enhanced capabilities and borrows code from the Xor.DDoS and Mirai botnets.
- To mitigate the threat, experts have advised that the default passwords of SSH servers be changed.
A new piece of Linux malware dubbed Chalubo has been found targeting IoT devices in an attempt to launch DDoS attacks. The new IoT malware comes with enhanced capabilities and borrows code from the Xor.DDoS and Mirai botnets.
Security experts at Sophos Lab first discovered the Chalubo malware family while investigating one of its honeypots on September 6, 2018. They found that the cybercriminals operating the malware used brute-force attacks against SSH (Secure Shell) servers to gain access to systems. A combination of words containing ‘root’ and ‘admin’ was used repeatedly to break into a server.
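For defenders, the pattern described above (repeated SSH password guesses against root- and admin-style accounts) can be spotted in sshd authentication logs. The following is an added example, not code from Sophos or from this article: the log lines are constructed in the standard OpenSSH syslog format, and the function name, watched-name list and failure threshold are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Sep  6 03:14:01 honeypot sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Sep  6 03:14:03 honeypot sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40118 ssh2
Sep  6 03:14:05 honeypot sshd[2105]: Failed password for root from 203.0.113.7 port 40121 ssh2
Sep  6 03:14:08 honeypot sshd[2107]: Failed password for invalid user admin1 from 203.0.113.7 port 40130 ssh2
Sep  6 03:14:09 honeypot sshd[2109]: Accepted password for root from 203.0.113.7 port 40133 ssh2
Sep  6 09:30:12 honeypot sshd[2300]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Sep  6 09:30:20 honeypot sshd[2302]: Accepted password for alice from 198.51.100.20 port 51516 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
WATCHED = ("root", "admin")  # assumption: account names containing these words

def find_bruteforce(log_text, threshold=3):
    """Return {ip: stats} for sources with at least `threshold` failed
    password logins against root/admin-style accounts."""
    stats = defaultdict(lambda: {"failures": 0, "users": set(), "compromised": False})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        user, ip = m["user"], m["ip"]
        if not any(w in user.lower() for w in WATCHED):
            continue
        entry = stats[ip]
        if m["result"] == "Failed":
            entry["failures"] += 1
            entry["users"].add(user)
        elif entry["failures"] >= threshold:
            # A success after a run of failures: a guessed password worked.
            entry["compromised"] = True
    return {ip: s for ip, s in stats.items() if s["failures"] >= threshold}

if __name__ == "__main__":
    for ip, s in find_bruteforce(SAMPLE_LOG).items():
        state = "LOGIN SUCCEEDED AFTER FAILURES" if s["compromised"] else "blocked so far"
        print(ip, s["failures"], sorted(s["users"]), state)
```

A source flagged with a successful login after a run of failures is the case that needs immediate attention, since it indicates a default or weak password was guessed.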