A security engineer has devised a worm that is able to infect vulnerable IoT (Internet of Things) appliances and change their weak credentials.
Trojan Worm Fixes IoT Vulnerabilities
The software engineer Leo Linksy from the network monitoring company PacketSled has released an interesting piece of code – a Trojan worm that infects IoT appliances with weak security. The code affects those Internet of Things products that run with their default settings, usually meaning very weak username and password combinations. Its goal is to change them to a more secure pair.
This in practice makes the Trojan an anti-worm program that can be used to protect networks against possible hacker intrusion attacks. The code has been devised as an academic research project and is intended as a proof-of-concept.
In theory such tools can be used to reduce the number of attacks. Limited demonstrations were made in a test environment where the code showed that it can be used effectively.
And yet, there are some things about the worm that make it potentially unsafe to use in a production environment:
- Password Change – The worm needs to devise a mechanism that supplies the changed account credentials to the system owners or network administrators. This is an important feature that would allow it to be used for vulnerability assesment and remedy
- Known intent – The Trojan needs to be run against a network when permission is granted. Otherwise it could completely modify the running services and cause disruptions and even damage if the administrators are not aware of its presence and activity
One of the main reasons why people might consider the worm is for proactive assessment of a network where Internet of Things (IoT) products are used.
Such similar worms have been devised in the past. Last year Symantec reported about
A New Wave Of “Good” IoT (Internet of Things) Worms Might Be upon Us
All of this means that we might see a wave of “positive worms” that would protect rather than compromise our connected appliances. This would be beneficial to IoT (Internet of Things) products as they are one of the most vulnerable consumer and business market segments of Internet-connected electronics. This proof-of-concept worm is merely an example of what would be possible if security researchers took up action against bad security practices.