SambaCry Malware is turning Linux Machines into Crypto Currency Miners

SambaCry Malware

In the last few weeks, a malware named WannaCry haunted the users worldwide. These users were reportedly running the outdated version Windows OS on their machines.

This resulted in wide range of Memes and Roast by Linux Users on Windows Users. Now, a new Malware is here to haunt Linux Users which is currently exploiting their devices.

This malware is named as Linux.MulDrop.14. Targeting the Raspberry users who haven’t changed the default passwords of their devices. This vulnerability is exploiting an earlier reported Samba vulnerability.

The Linux.MulDrop.14 is a Linux Trojan which is reportedly targeting the older versions of Rasbian OS. It is a bash script which contains cryptocurrency mining program.

As soon as a Raspberry Pi device is infected, the cryptocurrency program is launched. The bash script installs further libraries required for mining cryptocurrency. This malware is also reportedly termed as EternalRed or SambaCry.

Dr. Web’s website on Malware’s Description says:

In an infinite loop, using zmap, the Trojan searches for network nodes with an open port 22, after that it uses sshpass to log into them with the following login:password pair: pi:raspberry, and then—to save and run its copy.

Samba Attacked Countries

This malware was found some years back in 2010 and came into light after the release of Samba Patch. The same flaw is exploitable using SMB protocol, a hacker can remotely execute malicious code just by opening a pipe on Samba Servers.

The number of affected users are still unknown but it is a clear warning to the users and system admins to update their Samba Software and their system to avoid this attack.

More information about the SambaCry Malware is present here.

To keep yourself safe and away from these attacks, keep updating and upgrading your machines as soon as a patch or update is released.

Stay tuned to MSLeaks for everything latest related to Tech.

Source: Fossbytes

Leave a Comment