A WORM that leverages the Internet of Things to mine cryptocurrencies has been found to have infected around 31,000 devices.
The worm named Linux.Darlloz is in active development and is designed by the author to use his network of infected machines to mine Mincoins and Dogecoins.
By the end of last month, the hacker had mined 42,438 Dogecoins ($46) and 282 Mincoins ($150) making his total haul a little under £120 so far. Symantec, which discovered the worm, expects that this low yield is just the tip of the iceberg and that the author intends to evolve his creation into a much more pernicious miner.
Symantec believes that the Internet of Things is being used because, although the devices have low computational power, they are also less likely to be adequately secured, with the username and password often left unchanged from factory settings.
Linux.Darlloz is also capable of blocking other malware once it is installed, and the author has even patched vulnerabilities in certain routers in order to protect the demon seed payload.
Symantec has traced 31,716 separate IP addresses in 139 regions infected with Linux.Darlloz, and as well as x86 Windows and Linux machines it has affected a wide variety of Internet of Things devices including printers, routers, set-top boxes, and security cameras.
If you fear that you might have acquired this unwanted passenger, Symantec's advice is to apply security patches and update firmware on all devices, change default passwords and block external connections on ports 23 and 80.
The INQUIRER is running a debate this week on the rise of the Internet of Things that is powering wearable technology development. We'd like to hear your views on whether the Internet of Things will kill privacy, or whether user data collected by smart devices will be adequately protected. You can vote for or against these propositions here. µ
Sign up for INQbot – a weekly roundup of the best from the INQ