Sunday, July 12, 05:27

IoT devices were infected with a dangerous cryptocurrency miner

Security experts reported that hackers managed to infect with malware some appliances and production devices that were still running Windows 7 and were designed by three of the largest manufacturers in the world.

The discovery was made by researchers at TrapX, who consider it to be a “supply chain attack”.

According to the data, the infection took place a few months ago, in October 2019. Hackers infected IoT devices with malicious software belonging to the category of cryptocurrency miners. Affected IoT devices include self-guided vehicles (AGVs, robots), a printer and a smart TV.

“The sample of malware analyzed by TrapX® is part of the Lemon_Duck family, which is executed by double-click or through persistence mechanisms,” said the TrapX researchers. “Initially, the malicious program scans the network for potential targets, especially those with open SMB (445) or MSSQL (1433) services. Once a potential target was identified, the cryptocurrency miner started its job.”
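A defender-side illustration of the scanning behaviour described in the quote, added here and not taken from TrapX or the original article: it flags any internal host that contacts many distinct peers on SMB (445) or MSSQL (1433) within a short window. The log format, window, threshold and sample records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WATCHED_PORTS = {445, 1433}      # SMB and MSSQL, the services named in the quote
WINDOW = timedelta(seconds=60)   # assumed sliding window
THRESHOLD = 5                    # assumed: distinct peers per window that raise an alert

# Constructed flow records ("timestamp src dst dport"); not data from the report.
SAMPLE_FLOWS = """\
2019-10-14T08:00:01 10.20.0.15 10.20.0.21 445
2019-10-14T08:00:02 10.20.0.15 10.20.0.22 445
2019-10-14T08:00:03 10.20.0.15 10.20.0.23 1433
2019-10-14T08:00:04 10.20.0.15 10.20.0.24 445
2019-10-14T08:00:05 10.20.0.15 10.20.0.25 1433
2019-10-14T08:00:06 10.20.0.15 10.20.0.26 445
2019-10-14T08:00:10 10.20.0.40 10.20.0.5 445
2019-10-14T08:00:20 10.20.0.40 10.20.0.5 445
2019-10-14T08:00:30 10.20.0.40 10.20.0.6 443
2019-10-14T08:05:00 10.20.0.50 10.20.0.21 445
2019-10-14T08:15:00 10.20.0.50 10.20.0.22 445
2019-10-14T08:25:00 10.20.0.50 10.20.0.23 445
"""

def find_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Map each source to its peak count of distinct peers on watched ports
    inside one window, keeping only sources at or above the threshold."""
    events = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, dport = line.split()
        if int(dport) in WATCHED_PORTS:
            events[src].append((datetime.fromisoformat(ts), dst))
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        start = peak = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1          # slide the window's left edge forward
            peak = max(peak, len({dst for _, dst in evs[start:end + 1]}))
        if peak >= threshold:
            alerts[src] = peak
    return alerts

if __name__ == "__main__":
    for host, peers in find_scanners(SAMPLE_FLOWS.splitlines()).items():
        print(f"ALERT {host}: {peers} distinct SMB/MSSQL peers within {WINDOW}")
```

On the constructed records only 10.20.0.15 is flagged; the host that repeatedly talks to a single file server and the host that touches a few peers over twenty minutes stay below the threshold.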

According to experts, the attacks on the IoT devices of the three manufacturers are likely to be part of the same hacking campaign. The attackers infected at least 50 company sites in the Middle East, North America and Latin America.

The attackers used a downloader that runs malicious scripts related to the Lemon_Duck cryptocurrency miner. Researchers say this particular malware spreads very fast, which is why it is considered "extremely dangerous".

“Once again, the entry point was an IoT device running Windows 7. The attacks confused the production process, destroying AGV robots. The malware has spread quite quickly,” the researchers said. “TrapX software provided early detection of cryptocurrency malware and allowed the security team to immediately disconnect the infected AGVs from the network.” AGV robots are IoT-based technology and are commonly used to transport materials to factories.

Microsoft ended support for Windows 7 about a month ago. However, many users around the world continue to use it, leaving their devices vulnerable. Cybercriminals are aware of this and are looking for vulnerable IoT and other systems to attack.

Experts have found many automated vehicles (AGVs) running Windows 7 to be infected with the cryptocurrency miner.

The cryptocurrency miner was also found in an HP DesignJet SD Pro printer used to print designs that contain sensitive data and relate to the target's production process. The hackers infected the device and gained access to the target network.

Finally, the malware was installed on a smart TV with a built-in PC that also ran Windows 7.

TrapX experts speculate that this was a supply chain attack and that the malware was first installed on vulnerable devices and then affected the manufacturers' sites.

More details on the contamination of IoT devices can be found in the report published by TrapX.



Absent Mia