IoT devices are the major parts of our life. From activity trackers to home security cameras these feature-packed pieces of technology are changing the way we are living our life. But IoT devices are connected to the internet and anything which is connected to the internet is hackable.
Recently, a 14-year-old hacker created a new strain of malware and named it Silex malware. This Silex malware bricks IoT devices. It has bricked over 4000 IoT devices in just a few hours.
What is Silex malware?
According to ZDNet, the Silex malware was created by a 14-year-old hacker called Light Leafon. As soon as he released the malware, it has affected thousands of IoT devices and no one could spot it expect Larry Cashdollar who is a security exploit researcher.
According to Cashdollar, Silex malware uses default credentials of IoT devices to log in and destroy the system. He added that Silex initially affected 350 devices and then it spread to thousands of devices.
How does Silex Malware work?
Time-travelling to the last paragraph, Cashdollar said that malware uses default credentials to log in the IoT devices. But to retrieve the credentials, the malware first trashes IoT device’s storage then drops the firewall rules and lastly removes the network configuration.
Silex malware is so intense that once an IoT device gets affected with it, it is impossible to recover it. However, by manually reinstalling firmware of the device, one can recover an infected IoT device.
Silex Malware like other malware
Between April and December 2017, a malware named Bricker Bot destroyed over 10 million IoT devices and that same malware inspired Silex malware to pop out in 2019.
The creator of the Bricker Bot malware is known under the pseudonym of the Janitor. He created Bricker Bot and deployed it to protest against owners of smart devices. However, like Janitor, Light Leafon hasn’t declared his motive behind Silex malware.
How to keep your IoT devices away from Silex malware?
The Silex malware makes your IoT devices infected by guessing your device’s user name and password. Silex malware is pretty new, it takes some time to get a fix update on your smart device from the company. So, what you can do as of now?
According to Jesse Irwin, a former employee of password management app 1Password, as soon as you buy a device which comes with the hard-coded credentials, change the default password and user name as quickly as possible.
By doing so, you make it hard for Silex malware to know the credentials of your smart devices.
In the nutshell
Hackers are everywhere and devices with less security are their soft targets. So, it is advisable for both users and manufacturers to walk parallel with each other in order to create a safer online environment. Here, the role of government is also significant.
With a few rules, they can force manufacturers to develop secured IoT devices and spread awareness related to hacking among users. But what about an e-scooter renal business owner?
Well, they should start consulting cybersecurity experts, otherwise, a 14-year-old boy can be the reason behind their financial instability.