Silex Malware - OpenWrt

As far as I know OpenWRT is not affected if you don't have any open port (telnet/ssh....)?

"It's targeting any Unix-like system with default login credentials,"

1 Like

Sounds like natural selection, if your IoT devices still have the default password and you have telnet open to the internet :smirk:

5 Likes

It sounds like a joke, but, if more than 2000 devices have been affected by Silex, something is very wrong in security (in general terms).

I was being snarky, but yes, security is a known issue with IoT (the S stands for Security). Millions of devices with the same default password, blindly stuck on networks by people who know no better. And, worse, devices with undocumented backdoor admin accounts with passwords that can't be changed.

I'd rephrase that

It sounds like a joke if only 2,000 devices have been affected

California (US state), at least, has banned sale of devices with default passwords starting next year. See, for example https://www.bbc.com/news/technology-45757528

That link references what a "real" IoT virus can do

An attack by malware known as VPNFilter is currently targeting home routers and is believed to have infected more than 500,000 devices.

4 Likes

As sysadmin the firts thing to do when you receive a new device is change default user/password, if you don't do that, the problem is not IoT or Silex, the problem is you don't take care of your devices and security.

2 Likes

Those are the key words -- most people who own Internet-connected devices aren't sysadmins, nor will they ever be. They are "appliance operators".

3 Likes

As and end-user, the last thing you know is that the shiny device you just bought can be remotely accessed, has a port open to the whole world, was configured with a default password, or what any of this means.

3 Likes

I agree with you @eduperez but, in my opinion hardware manufacturers should take care of it, the shame is on the manufacturers not the final home users.

2 Likes