A recently found malware called PumaBot is putting many internet-connected devices at risk. This malicious software is designed to attack smart systems like surveillance cameras, especially those that use the Linux operating system. It sneaks in by guessing weak passwords and then quietly takes over the system.
How PumaBot Finds Its Victims
Unlike many other threats that randomly scan the internet looking for weak points, PumaBot follows specific instructions from a remote command center. It receives a list of selected device addresses (known as IPs) from its control server and begins attempting to log in using common usernames and passwords through SSH — a tool that lets people access devices remotely.
Experts believe it may be going after security and traffic camera systems that belong to a company called Pumatronix, based on clues found in the malware’s code.
What Happens After It Breaks In
Once PumaBot gets into a device, it runs a quick check to make sure it’s not inside a fake system set up by researchers (known as a honeypot). If it passes that test, the malware places a file on the device and creates a special service to make sure it stays active, even after the device is restarted.
To keep the door open for future access, PumaBot adds its own secret login credentials. This way, the hackers can return to the device later, even if som
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.