As scary as the epidemics of malware for Internet of Things devices have been, they had one saving grace: because they only lived in RAM (where they were hard to detect!), they could be flushed just by rebooting the infected gadget. But a new strain of malware, dubbed "Hide n Seek," can live through a power-cycle: it writes a copy of itself to the /etc/init.d/ directory in the IoT device"s embedded GNU/Linux system, where startup programs are stored. When a device that"s been infected this way is rebooted, it is freshly infected.
No comments:
Post a Comment