Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Looking for sophisticated malware in IoT devices
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Looking for sophisticated malware in IoT devices
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,940
Threads: 8,890
Thanks Received: 8,767 in 6,926 posts
Thanks Given: 9,659
Joined: 12 September 18
#1
Bug  24 September 20, 07:42
Quote:
[Image: sl_looking_for_sophisticated_malware_01-772x1024.png]

Research background

Smart watches, smart home devices and even smart cars – as more and more connected devices join the IoT ecosystem, the importance of ensuring their security becomes patently obvious.

It’s widely known that the smart devices which are now inseparable parts of our lives are not very secure against cyberattacks. Malware targeting IoT devices has been around for more than a decade. Hydra, the first known router malware that operated automatically, appeared in 2008 in the form of an open-source tool. Hydra was an open-source prototype of router malware. Soon after Hydra, in-the-wild malware was also found targeting network devices. Since then, different botnet families have emerged and become widespread, including families such as Mirai, Hajime and Gafgyt.

Apart from the malware mentioned above, there are also vulnerabilities found in communication protocols used in IoT devices, such as Zigbee, which can be exploited by an attacker to target a device and to propagate malware to other devices in a network, similar to computer worms.

In this research, we are focusing on hunting low-level sophisticated attacks targeting IoT devices and, in particular, taking a closer look at the firmware of IoT devices to find backdoor implants, modifications to the boot process and other malicious alterations to different parts of the firmware.

Now, let’s talk about the structure of the firmware of an IoT device in order to get a better understanding of the different components.

IoT firmware structure

Regardless of the CPU architecture of an IoT device, the boot process consists of the following stages: the boot loader, the kernel and the file system (shown in the figure below). When an IoT device is switched on, the code from the onboard SoC (System on Chip) ROM transfers control to the bootloader, the bootloader loads the kernel and kernel then mounts the root file system.

The boot loader, the kernel and the file system also comprise the three main components of typical IoT firmware.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
AMD reportedly set to launch EPYC 4004 ...
AMD launches EPYC 40...harlan4096 — 09:39
NoVirusThanks OSArmor v2.0.0.0
OSArmor has been u...harlan4096 — 07:10
Apple releases iOS 17.5.1 to fix Photo g...
Apple has released...harlan4096 — 07:08
Microsoft announces Copilot+ PCs and AI-...
On a special event...harlan4096 — 07:06
1.0.98 release (2024/05/19)
1.0.98 release (20...harlan4096 — 06:32

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (37)axuben
avatar (38)ihijudu
avatar (48)Mirzojap
avatar (34)idilysaju
avatar (38)odukoromu
avatar (44)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>