It’s not often someone writes malware with the intention of being helpful. But the creator of BrickerBot is hoping their bot will create enough disruption to force us all to do a better job securing our IoT devices.
BrickerBot’s objective is simple, if also quite merciless to the unsuspecting tech gadget consumer. The malware finds and permanently bricks IoT devices its owners left running with the manufacturer’s default password.
These poorly secured cameras, light bulbs, and thermostats are vulnerable to attack by more insidious botnets like Mirai, which take over the devices and enlist them into an army carrying out massive DDoS attacks. The largest such attack in history took down a huge swath of major websites for users across the Eastern seaboard and in Europe back on October 21st.
So BrickerBot’s creator, Janit0r, wants to take these unsecured devices offline before they get hijacked by someone else and used for the next big internet attack. Janit0r claims to have bricked 2 million devices so far as part of this crusade. And now, the hacker is making public their aim to see IoT device manufacturers take security more seriously.
“The IoT security mess is a result of companies with insufficient security knowledge developing powerful Internet-connected devices for users with no security knowledge,” Janit0r wrote to security researcher Victor Gevers, according to Bleeping Computer.
Janit0r goes on to outline their hope the government responds with new regulation to reign in the problem:
“I hope that regulatory bodies will do more to penalize careless manufacturers since market forces can’t fix this problem. The reality of the market is that technically unskilled consumers will get the cheapest whitelabel DVR they can find at their local store, then they’ll ask their nephew to plug it into the Internet, and a few minutes later it’ll be full of malware. At least with ‘BrickerBot’ there was some brief hope that such dangerous devices could become the merchant’s and manufacturer’s problem rather than our problem.”
BrickerBot was first discovered in early April by cybersecurity services firm Radware. But this isn’t the first act of hacker vigilantism we’ve seen. Hajime – and Wifatch before it – also infected IoT devices with the stated purpose of making it hard for other hackers to get in. They just didn’t go as far as making devices permanently unusable. Whether manufacturers and regulatory agencies take notice of the acts and improve the industry’s gaping security flaws remains to be seen.
In the meantime, us consumers should all make sure to change that password and update the firmware on that next “smart” purchase. Fail to do so, and we risk exposing the thing to BrickerBot. Or to Mirai. Or to any of the other nasty blights floating around the internet and ready to infect the device in seconds.