BrickerBot was malware that attempted to permanently destroy ("brick") insecure Internet of Things devices. BrickerBot logged into poorly secured devices and ran harmful commands to disable them. It was first discovered by Radware after it attacked their honeypot in April 2017. On December 10, 2017, BrickerBot was retired. The most infected devices were in Argentina, followed by North America and Europe, and Asia (including India).


Discovery


BrickerBot.1 and BrickerBot.2

The BrickerBot family of malware was first discovered by Radware on April 20, 2017, when BrickerBot attacked their honeypot 1,895 times over four days. BrickerBot's method of attack was to brute-force the telnet password, then run commands using BusyBox to corrupt MMC and MTD storage, delete all files, and disconnect the device from the Internet. Less than an hour after the initial attack, bots began sending a slightly different set of malicious commands, indicating a new version, BrickerBot.2. BrickerBot.2 used the Tor network to hide its location, did not rely on the presence of BusyBox on the target, and was able to corrupt more types of storage devices.
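
The sequence described above (repeated failed telnet logins, a successful login, then commands that overwrite MTD/MMC storage, delete files and cut network access) can be flagged in honeypot session logs. The following is an added example, not code from Radware or from the original article; the log format, rule names, thresholds and sample commands are assumptions constructed for illustration.

```python
import re

# Constructed honeypot telnet log; the "<source> <event> <detail>" format is
# hypothetical and the commands are generic stand-ins, not BrickerBot's own.
SAMPLE_LOG = """\
203.0.113.7 LOGIN_FAIL
203.0.113.7 LOGIN_FAIL
203.0.113.7 LOGIN_FAIL
203.0.113.7 LOGIN_OK
203.0.113.7 CMD busybox cat /dev/zero >/dev/mtdblock0
203.0.113.7 CMD busybox cat /dev/zero >/dev/mmcblk0
203.0.113.7 CMD rm -rf /*
203.0.113.7 CMD route del default
198.51.100.4 LOGIN_OK
198.51.100.4 CMD cat /proc/mtd
198.51.100.4 CMD ls /dev/mmcblk0
192.0.2.9 LOGIN_OK
192.0.2.9 CMD ifconfig eth0 down
"""

# One rule per effect the article lists (corrupt storage, delete files, disconnect).
RULES = {
    "storage_write": re.compile(r"(>\s*|\bof=)/dev/(mtd|mmcblk)\w*"),
    "mass_delete": re.compile(r"\brm\s+-\w*r\w*\s+/(\*|\s|$)"),
    "net_teardown": re.compile(r"\b(route\s+del\s+default|ifconfig\s+\S+\s+down)\b"),
}

def classify_sessions(log, min_fails=3):
    """Return {source: (verdict, brute_forced, sorted rule hits)}."""
    state = {}
    for line in filter(None, map(str.strip, log.splitlines())):
        src, event, detail = (line.split(maxsplit=2) + ["", ""])[:3]
        s = state.setdefault(src, {"fails": 0, "ok": False, "hits": set()})
        if event == "LOGIN_FAIL" and not s["ok"]:
            s["fails"] += 1
        elif event == "LOGIN_OK":
            s["ok"] = True
        elif event == "CMD" and s["ok"]:  # only post-login commands count
            s["hits"] |= {n for n, rx in RULES.items() if rx.search(detail)}
    out = {}
    for src, s in state.items():
        brute = s["ok"] and s["fails"] >= min_fails
        # Raw-device write plus brute force or a second effect => bricking attempt
        if "storage_write" in s["hits"] and (brute or len(s["hits"]) > 1):
            verdict = "bricking"
        else:
            verdict = "suspicious" if s["hits"] else "benign"
        out[src] = (verdict, brute, sorted(s["hits"]))
    return out
```

Reading `/proc/mtd` or listing a device node does not trigger the storage rule; only a redirect or `of=` target under `/dev/mtd*` or `/dev/mmcblk*` does.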


BrickerBot.3 and BrickerBot.4

BrickerBot.3 was detected on May 20, 2017, one month after the initial discovery of BrickerBot.1. On the same day, one device was identified as a BrickerBot.4 bot. No other instances of BrickerBot.4 have been seen since.


Shutdown and Impact

According to Janit0r, the author of BrickerBot, it destroyed more than ten million devices before Janit0r announced the retirement of BrickerBot on December 10, 2017. In an interview with Bleeping Computer, Janit0r stated that BrickerBot was intended to prevent devices from being infected by Mirai. US-CERT released an alert regarding BrickerBot on April 12, 2017.

