The malware in question is a new variant of the InterPlanetary Storm malware targeting IoT devices such as Android TVs. The malware infects the devices that run on Linux-based machines such as routers with ill configured SSH service.
Murali Urs, Country Manager-India, Barracuda Networks said, “While the botnet that this malware is building does not have clear functionality yet, it gives the campaign operators a backdoor into infected deices so they can later be used for crypto mining, DDoS or other large-scale attacks.”
The malware has infected devices in various Asian countries like China, Hong Kong, South Korea and Taiwan. The malware has targeted Linux based operating systems such as Android and Mac OS. The malware’s capability to attack Linux machine was first reported back in June.
Barracuda researchers have identified unique features that will help cybercriminals companies to help the malware persisted and protect. The researchers said, “To safeguard IoT devices against this malware variant, it will be necessary to properly configure SSH access on all devices. This means using keys instead of passwords, which will make access more secure.”
This malware is a type of popular Joker malware. It was first discovered by the US-based IT security firm called Zscaler. Google has already removed the apps affected by Joker from the Play Store.