Persirai malware has infected 120,000 Chinese-made IP cams
IT IS A WEDNESDAY, so it will come as no surprise that there’s a new Internet of Things (IoT) threat dong the rounds. Trend Micro has uncovered this latest threat, dubbed Persirai, which has reportedly been infecting Chinese-made wireless cameras for around a month now. The Mirai-like threat1, which is said to have infected 120,000 IP cameras so far, exploits flaws in the cameras that a security researcher reported back in March, Trend Micro claims2.
What’s more, owners of affected cameras unlikely will know that they have been affected, which the security firm says “makes it significantly easier for the perpetrators behind the malware to gain access to the IP Camera web interface via TCP Port 81.”
“IP cameras typically use Universal Plug and Play (UPnP), which are network protocols that allow devices to open a port on the router and act like a server, making them highly visible targets for IoT malware,” the researchers explained.
Once a hacker logs into the interface, he or she can then carry out a command injection to force the IP camera to connect to a download site to issue commands that download and execute malicious shell scripts . After the samples are downloaded, the Persirai malware deletes itself and runs only in memory.
“After receiving commands from the server, the IP Camera will then start automatically attacking other IP Cameras by exploiting a zero-day vulnerability that was made public a few months ago,” Trend Micro notes.
“Attackers exploiting this vulnerability will be able to get the password file from the user, providing them the means to do command injections regardless of password strength.”
Trend Micro warns that owners of a Chinese-made wireless camera should be on guard and should make sure that they are not using the default password. However, the real problem is the maker of these cameras, the security firm adds.
“The burden of IoT security does not rest on the user alone it’s also dependent on the vendors themselves, as they should be the ones responsible for making sure that their devices are secure and always updated,” Trend Micro concludes.
- ^ Mirai: Windows Trojan helps hackers infect Linux-based devices with IoT malware (www.theinquirer.net)
- ^ Trend Micro (blog.trendmicro.com)
- ^ BrickerBot: Mirai-like malware threatens to brick insecure IoT devices (www.theinquirer.net)
PARIS: The plaza outside the Louvre Museum in Paris, where French presidential frontrunner Emmanuel Macron plans a victory party if elected, was briefly evacuated on Sunday (May 7) following a security alert, sources said. A spokesman for Macron’s movement said the alert was due to a “suspicious package.” The check was completed around 1230 GMT. A police source said the area was cordoned off and searched by a police team “simply to banish any doubts.” Several hundred journalists who have been accredited for the post-election rally were asked to briefly move away from the site.
The Louvre, the most visited museum in the world, is situated on the banks of the River Seine in the heart of Paris. The plaza is the square between the two long arms of the building, where its famous glass pyramid entrance is located. The second-round vote in France’s presidential election is taking place amid tight security, with tens of thousands of police and troops mounting guard. A string of jihadist attacks since January 2015 have left at least 230 dead and hundreds injured. On February 3, a 29-year-old Egyptian wielding knives attacked troops patrolling the underground access to Louvre .
He was shot and wounded by the patrol. On April 20, three days before the first round of the presidential poll, a policeman was shot dead on the Champs-Elysees avenue, in an attack claimed by the Islamic State (IS) group. On Friday, a suspected extremist was detained near a military base outside Paris.
Guns were discovered as well as a pledge of allegiance to IS and several of the group’s flags, sources close to the case told AFP.
Visitors to the Legislative Building in recent days may have noticed something they haven’t seen before a uniformed police officer posted at the rear entrance to the building. The change is part of an overall security review of the legislative complex, according to police. Chief Martin Brock of the N.C .
General Assembly Police Department said officers are counting the number of people who use each entrance of the building . He described the review as part of an “ongoing conversation” about safety concerns. “We’re just looking at possible ways to enhance security in the complex, so we want to get an idea of how many people are coming and going,” he said. Brock, who took over as chief last spring with the retirement of former chief Jeff Weaver, said he expects officers to collect data for about a month. “It’s preliminary, a project that I instructed the officers to do so that we could look at ways to help make the place more safe,” Brock said. “Right now we’re just looking at the lobby entrances on this building . We may look at the other areas — the (Legislative Office Building), the basement, the parking decks on legislative property at a later time.” Building security has been routinely under review since at least the mid-1990s, said one senator who has pressed for greater security measures . Sen . Andrew Brock, a Davie County Republican, worked on the Senate’s sergeant-at-arms staff from 1995 to 1996 . He said that security reviews of the legislative complex were conducted by federal agencies in the wake of the 1995 Oklahoma City bombing, an act of domestic terrorism against a federal building that killed 168 people. “No one ever settles on security,” Sen .
Brock, no relation to the police chief, said. “It’s ever-changing so you’re always doing reviews year in and year out to see if best practices are in place and looking at incoming threats.” After Republicans took control of the General Assembly in 2011, Sen . Brock was behind a plan to install metal detectors at the Legislative Building and to require most visitors to enter through the main front entrance .
Those plans stalled because they were too expensive, he said. Sen . Brock said security at public buildings also has a political aspect. “That’s part of it, the perception of people coming in,” he said. “We like the openness of people being able to come in, but that’s also a hindrance .
You have liberty versus security as an issue.”