You are here
Home > News > 唉! New Kaiji Malware Attacks IoT devices using SSH Brute Force

唉! New Kaiji Malware Attacks IoT devices using SSH Brute Force

kaiji malware

The Kaiji malware was designed by a developer based in China to launch DDoS attacks according to researchers.

Security researchers like Malwaremustdie disclosed that they unearth a new strain of malware named Kaiji malware that was built using Goland programming language to infect Internet of Things (IoT) devices and Linux-based servers to launch DDoS attacks in other to exploit these devices.

What Is Kaiji Malware?

This Malware named Kaiji which originated from China according to experts having noticed some functions branded in English representation of Chinese words, a situation that opines it was developed by a Chinese developer.

A malware that spreads mainly via SSH brute attacks and targets the root user only. Kaiji malware requires root to gain access and then uses a bash script to execute and set up space for the malicious code. It is also a rare malware having been built from scratch by the developer unlike other strains of IoT malware specifically because it was written using the GO language instead of the CC+ or C, the languages most IoT malware are of recent coded with.

Intezer researchers believe that Kaiji malware was designed to work as a simple botnet, having features of multiple DDoS attacks like synack attacks, IP spoofing and an ssh bruteforce module to channel the spread, with ssh spreader which relies on hijacking locally based SSH keys to infect hosts with past connection history with the server.

It also hijacks unpatched flaws, Kaiji malware then spread mainly through brute-force attacks against publicly accessible SSH servers that enabled password-based SSH authentication, according to Litvak of Intezer in its recent analysis. Litvak explained that Kaiji has been discovered in the tech world, spreading across the world, snapping up new victims.

Though, Kaiji malware still a work in progress even with its capacity to dispatch various assaults, lacking complex highlights like its counterparts, it appears to be the most recent brand of malware strains to show up, including the DDG botnet, and MootBot.  Unlike other discovered malware, Kaiji created its unique custom tooling in Golang instead of using regular implants – which researchers believe is a new trend for malware developers.

To protect your digital devices from malware, you should make use of a strong antivirus program.

CHECK OUT: Antivirus Special Offers & Deals

RELATED POSTS

Amaya Paucek

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Top
Enable Notifications    Ok No thanks