Friday, 23 December 2016

Rakos Malware To Build Botnet Army

Rakos is a new malware detected recently which attacks vulnerable devices via brute force to SSH login attempts.It is a common method found in various linux threats.This program targets both embedded devices and servers which has open SSH port. It preys on their weak credentials with a purpose of building a large botnet.This malicious program is written in Go language and has a binary compressed with standard UPX tool.

Another malware was also recently found named Mirai which is an Internet of things botnet which searches for less secure devices and it has attacked many systems successfully in 164 countries.The difference between Mirai and Rakos is that mirai targets telnet ports instead of SSH.

The malware searches for a limited set of IPs and spreads it incrementally to more targets.Rakos keeps sending details of host machine to its command and control [C&C] centers from time to time.The Rakos is not yet capable of Distributed Denial Of Service[DDoS],but researchers believe that it might receive such capability because of its level of control over infected devices.
When the malware is able to access a device with its credentials it runs two commands (id, uname -m). Then the malicious code checks whether if it is possible to upload to the new victim and goes on.
The backdoor is able to update the configuration file (from https://{C&C}/upgrade/vars.yaml) and also to upgrade itself.

The devices with strong password are not safe too.To secure the devices change the default password.
The malware doesn't feature persistence capabilities,but rebooted devices can be attacked and compromised repeatedly.The effected users should connect to SSH/telnet and search for a process named .javaxxx and verify it is an unwanted connection and kill it.To avoid future problems the SSH credentials should be well protected.

Thursday, 15 December 2016

Combating Software And Hardware Piracy

What is piracy?The unauthorized use or reproduction of someones work is piracy.Software piracy is the illegal distribution,copying or use of an unlicensed software.Now it is such a profitable business in this world.It has mainly caught the attention of organized crime groups in
many parts of the world.While on the other side of the coin hardware piracy is also increasing.Hardware piracy deals with usage of sub-standard,refurbished and used components in a new PC rather than putting licensed components.This piracy ranges from  microchips to motherboards.

Most important point of piracy is that it is impossible to stop piracy.It is not possible to check every system whether the software or hardware used is pirated or not in every companies.There are many organizations that are working hard to prevent piracy.BSA is the leading advocate for global software industry before governments and and in the international market place.Their members are among world's most innovative companies to improve modern life.BSA offers a software management guide and GASP which is a set of programs that will help to identify whether the installed program is pirated or not.

Even though it is said that piracy cannot be stopped there is also another
way of stopping it called prevention.There are many ways in which piracy can be prevented.The companies creating software should create a clear software policy statement and a copy of the policy statement should be given to the employees.The employees should be made to sign an anti-piracy agreement which specifies the penalty for pirate activities.Unannounced audits should be performed.Know all the permissions that the licenses allow and identify which are permitted and not permitted for the employee and delete any illegal software.

So the only way in which piracy can be stopped is through the people.No machine can decide whom we can trust and whom not.The people has to decide whether to use pirated software or not.
Just because its free does not mean its safe.