HotHardware.com is reporting that there's a Linux malware in the wild that takes over Raspberry Pi devices and uses them to mine for cryptocurrency...
Linux.MulDrop.14 [scans] for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software, and then it configures itself... to make digital money for someone else, namely the author or the malware, using your Raspberry Pi.
The article focuses on how much your power bill will go up in the course of making money for someone else due to the 100%-CPU-usage nature of mining software.
The existence of such a malware raises the question: Are there enough Raspberry Pi devices connected to the network, but not really monitored, such that there are enough to mine a single unit of cryptocurrency? ARM dev boards are not known for processing power, and the RPIs are no exception.
On the subject of default root passwords for devices intended to be connected to Internet, must this be the case with the RPI, or could they take the route of having an actually installable GNU/Linux instead of an image of an already installed system with insecure passwords?
(Score: 2) by stretch611 on Monday June 12 2017, @07:55AM (1 child)
But, if they are looking to win a marathon, zombies do not need to sleep and an run(?or walk) 24x7.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 1, Funny) by Anonymous Coward on Monday June 12 2017, @09:15AM
Marathon runners typically don't sleep during the Marathon either. And if some do, those certainly won't win.