Current IoT malware activity ‘more than double that of 2016’

Current IoT malware activity ‘more than double that of 2016’ [Image: PeopleImages via iStock]

The number of Internet of Things (IoT) malware samples currently in the wild is already more than double the amount seen last year, according to a new report by Kaspersky Lab researchers.

A total of 7,242 IoT malware samples were found in May by the researchers, who set out honeypots mimicking a number of connected devices running Linux. This compares to 3,219 in 2016.

In a report, the researchers said: “According to Gartner, there are currently over six billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals.

“As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.”

Explaining their research, they said that they set up several traps that imitated various devices running Linux. They then left them connected to the internet to see what happened in the wild.

According to the researchers, it did not take a long time for the first result. They said it took “just a few seconds” before they witnessed the first attempted connections to the open telnet port. Over the following 24-hour period, they said there were tens of thousands of attempted connections from unique IP addresses.

Explaining the problem of a poorly configured or vulnerable device to a network, the Kaspersky Lab researchers said the most common scenario would result in the device ending up as part of a botnet.

However, there are more worrying potential consequences of a compromised IoT device, including it being used for illegal activities or criminals accessing it to spy on and then blackmail the owner.

The researchers have blamed firmware updates, which can be slow or even non-existent, and passwords, which are often the same across an entire range of products.