by brightball
3525 days ago
From the article: "Last month, a hacker by the name of Anna_Senpai released the source code for Mirai, a crime machine that enslaves IoT devices for use in large DDoS attacks. The 620 Gbps attack that hit my site last month was launched by a botnet built on Mirai, for example." I repeatedly hear people refer to IoT devices that are notoriously difficult to update... yet this Mirai code is technically able to access millions of devices and bend them to its will. So what I'm wondering is just, what prevents the good guys from using Mirai to slurp down every available device to patch the vulnerability that allowed Mirai to work in the first place? It seems like if vulnerabilities in these devices can destabilize the entire internet that it should be perfectly viable as a response to actively look for those vulnerabilities, patch/minimize them and notify their creators of the issue.
Now, you might say "why doesn't a good Samaritan just log in to all of those devices and change the password to something random?"
OK - ignoring the fact that THEY would be committing felonies in several countries... what happens when the device manufacturer wakes up and decides to patch these devices via that remote access? Suddenly the password doesn't work, and the end-user can't change it because... what's the procedure for changing the default ssh password on a light bulb?
Technically you could make the situation better by writing a worm that changes the passwords, but at this point even that is a lost cause since Mirai has a command that will change the pw on all infected hosts.