A new malware called Silex is on its way to brick thousands of IoT devices. The malware has been developed by a 14-year old teenager known by the pseudonym Light Leafon. The malware strain is inspired by the infamous malware called BrickerBot, which is notorious for bricking millions of IoT devices way back in 2017.
As reported by ZDNet, the malware was successful in bricking as many as 2000 devices within an hour. Silex malware works by exploiting the default credentials of IoT devices, trashing its storage, violating firewall rules and wiping the network configuration.
To make the device functional again, users need to install the device’s firmware again, which is a tedious task for many users. The affected devices are likely to be thrown away by a majority of the users as they will see it as a hardware failure instead of a malware attack.
Akamai researcher Larry Cashdollar says, “[the malware is] writing random data from /dev/random to any mounted storage it finds.”
Explaining the working of Silex, he adds “It’s then deleting network configurations, […] also, it’s [running] rm -rf / which will delete anything it has missed. It also flushes all iptables entries adding one that DROPS all connections. Then halting or rebooting the device.”
When interviewed by Ankit Anubhav, a NewSky Security researcher, Light Leafon said that he started the malware as a joke but has turned it into a full-time project now. According to Leafon, he’ll further develop the malware to have the original BrickerBot functionality, thus making it more dangerous.
His plans include adding the functionality that will allow the malware to log into devices via SSH and incorporate exploits into the malware to break into IoT devices by exploiting their vulnerabilities.
It is surprising that a 14-year old teenager is using his knowledge and skills to brick devices. However, researchers say that he might have committed several OpSec mistakes that could allow authorities to catch him.