Security Market Segment LS
Tuesday, 11 April 2017 09:25

New malware gives CCTV DVRs amnesia

By
New malware gives CCTV DVRs amnesia

Palo Alto’s Unit 42 has identified a new variant of the IoT/Linux botnet “Tsunami” dubbed “Amnesia” that targets commercial grade closed circuit TV DVR (digital video recorder) devices made by TVT Digital and branded by over 70 vendors worldwide. About 227,000 devices are affected.

A listing of brands can be found here. Amnesia exploits this remote code execution vulnerability by scanning for, locating, and attacking vulnerable systems. Successful attacks result in Amnesia gaining full control of the device. Attackers could potentially harness the Amnesia botnet to launch broad DDoS attacks like the Mirai botnet attacks

Amnesia is believed to be the first Linux malware to adopt virtual machine evasion techniques to defeat malware analysis sandboxes more commonly associated with Microsoft Windows and Google Android malware.

Amnesia tries to detect whether it is running in a VirtualBox, VMware or QEMU based virtual machine. If it detects those environments it will wipe the virtualised Linux system. This affects not only Linux malware analysis sandboxes but also some QEMU based Linux servers on VPS or on the public cloud.
Palo Alto Networks says that the aim is to make these machines part of a massive botnet that can be used for DDoS and other attacks. The only protection at present is to block access to the Command and Control Networks and use network protection that does this. No patch has been released by the maker TVT.

Palo Alto Networks adds that the malware reveals some interesting and notable trends of current IoT/Linux botnet threats:

  • IoT/Linux malware has begun to adopt classic techniques to evade and even wipe virtual machines.
  • IoT/Linux malware targets and attacks known remote code execution vulnerabilities in IoT devices. These are typically manufactured by smaller manufacturers and there may be no patch available so network security is the only solution.
  • IoT/Linux malware may also affect Linux servers deployed in VPS or in public cloud.
Read 4165 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




EXL AI IN ACTION VIRTUAL EVENT 20 MARCH 2025

Industry leaders are looking to transform their businesses and achieve measurable outcomes with AI.

As organisations across APAC navigate the complexities of AI adoption, this must-attend event brings together industry leaders, real-world demonstrations, and visionary panel discussions to bridge the gap between proof-of-concepts and enterprise-wide AI implementation.

Learn how to overcome common challenges in deploying AI at scale.​

Unlock cost savings, efficiency, and better customer experiences with AI.

Discover how industry expertise and data intelligence enable practical AI deployment.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Latest from Ray Shaw

Related items

More in this category: « Warning: social media opens up a door to burglars Microsoft Word bug used to spread banking trojan »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments