New Linux Trojans installs crypto currency mining software on Raspberry Pi
Click here to post a comment for New Linux Trojans installs crypto currency mining software on Raspberry Pi on our message forum
Raplapla
Thanks for the news, itβs interesting to know about Linux viruses (as a Linux user myself). But I donβt think many people who run an internet-accessible ssh server with the default login and password read guru3d π.
Ghosty
It's nice that they named it Linux. To avoid any confusion.... Default username and password? Does such a thing exist? Interesting read though. Thanks.
scoter man1
Extraordinary
RealNC
rl66
Ghosty
schmidtbag
dd them to something the ARM board was pre-programmed to read from, such as an SD card.
That being said, someone basically has to dictate how the OS is set up, and you're then given a default username and password. Thankfully, many disk images are pretty barebone, where you're pretty much just given a command prompt and the essential Unix-like commands. That's the way I personally prefer my setups to be when doing a fresh new install.
Normally no, such a thing doesn't exist, but most ARMv7 platforms (and many ARMv8) are an exception since they don't have a traditional way of installing an OS. There's no BIOS, there's not an MBR (in the traditional sense), and there's little to no POST process. As a result, you can't manually tell an ARM platform how and where to boot to, which also means you can't run an installer. What this means is you often need to download pre-built disk images and Fender178
Or if you have a modded original Xbox the default User Name and password is both Xbox for FTPing files.
Very interesting that they would target something like this.
Ghosty
schmidtbag
Ghosty
Extraordinary
I run a RP3 as a NAS
Ghosty
https://images.duckduckgo.com/iu/?u=http%3A%2F%2Fwww.fondriestbici.cz%2Fwp-content%2F2009%2F12%2FRP3.jpg&f=1
Extraordinary
Yep, that looks exactly like my NAS
PrMinisterGR
An extraordinary NAS.
fredgml7
Ok, It's a Linux malware, but It's not a Linux fault. People should just block the default user and not allow direct root account login.
ender79
Is always a bad ideea to allow direct root login in linux. But is not so hard to change the user and pass for ftp,ssh... etc, even the port for ssh i'm changing from default 22 to what ever I want