Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
Looking for sophisticated malware in IoT devices
Looking for sophisticated malware in IoT devices
harlan4096 Online
MalWare Zoo Team
*******
Posts: 16,167
Threads: 10,268
Thanks Received: 9,339 in 7,485 posts
Thanks Given: 10,304
Joined: 12 September 18
#1
Bug  24 September 20, 07:42
Quote:
[Image: sl_looking_for_sophisticated_malware_01-772x1024.png]

Research background

Smart watches, smart home devices and even smart cars – as more and more connected devices join the IoT ecosystem, the importance of ensuring their security becomes patently obvious.

It’s widely known that the smart devices which are now inseparable parts of our lives are not very secure against cyberattacks. Malware targeting IoT devices has been around for more than a decade. Hydra, the first known router malware that operated automatically, appeared in 2008 in the form of an open-source tool. Hydra was an open-source prototype of router malware. Soon after Hydra, in-the-wild malware was also found targeting network devices. Since then, different botnet families have emerged and become widespread, including families such as Mirai, Hajime and Gafgyt.

Apart from the malware mentioned above, there are also vulnerabilities found in communication protocols used in IoT devices, such as Zigbee, which can be exploited by an attacker to target a device and to propagate malware to other devices in a network, similar to computer worms.

In this research, we are focusing on hunting low-level sophisticated attacks targeting IoT devices and, in particular, taking a closer look at the firmware of IoT devices to find backdoor implants, modifications to the boot process and other malicious alterations to different parts of the firmware.

Now, let’s talk about the structure of the firmware of an IoT device in order to get a better understanding of the different components.

IoT firmware structure

Regardless of the CPU architecture of an IoT device, the boot process consists of the following stages: the boot loader, the kernel and the file system (shown in the figure below). When an IoT device is switched on, the code from the onboard SoC (System on Chip) ROM transfers control to the bootloader, the bootloader loads the kernel and kernel then mounts the root file system.

The boot loader, the kernel and the file system also comprise the three main components of typical IoT firmware.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
XYplorer
What's new in Rele...Kool — 11:46
What happens in the bedroom stays in the...
Smart sex toys and...harlan4096 — 11:20
Sandboxie 1.17.4 / 5.72.4
Release v1.17.4 / ...harlan4096 — 10:24
uBOLite 2026.412.1536 (already available...
uBOLite 2026.412.1...harlan4096 — 10:22
Microsoft Simplifies Windows Insider Pro...
Microsoft has anno...harlan4096 — 10:22

[-]
Birthdays
Today's Birthdays
avatar (46)Rodneykak
avatar (49)tradeSmode
Upcoming Birthdays
avatar (45)wapedDow
avatar (49)oapedDow
avatar (42)Sanchowogy
avatar (46)MeighGoask
avatar (44)techlignub
avatar (43)Stevenmam
avatar (50)onlinbah
avatar (50)fuspeukChark
avatar (44)werriewWaiNg
avatar (38)Freemanleo
avatar (43)cdoubapKit
avatar (38)lystraPonia
avatar (31)smith8395john
avatar (51)steakelask
avatar (45)Termoplenka
avatar (43)bycoPaist
avatar (49)pieloKat
avatar (43)ilyagNeexy
avatar (51)donitascene
avatar (51)Toligo
avatar (38)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>