In yet another discovery of Bitcoin mining malfeasance, today researchers at the SANS Institute’s Internet Storm Center have posted a notice on their blog about a new form of malware that runs off systems designed to record and store footage from security cameras.
The program is unique in its ability to run on ARM architecture rather than the standard Linux(86x) servers that most of these types of systems rely on to keep surveillance camera networks coordinated and organized.
Another personalized indicator of this very-custom job, is that unlike much of the Bitcoin mining malware we’ve seen so far, the DVRs being overtaken in the campaign for cryptocurrency are just about as slow as servers come. This makes them a highly unusual choice as far as Bitcoin reaming rigs go, and multiple AV experts have weighed in their curiosities on why anyone would bother with such an ineffective solution on a long-term scale.
“Kudos to camera DVRs hackers for finding something worse (ie, very ineffective cryptocurrency mining) to use them for than surveillance,” said Virus Bulletin’s anti-spam test director Martjin Grooten.
The reason why anyone would take the time to do this? As far as researchers have been able to gather by this point, it’s probably the relative ease that even novice crackers have getting access to the server via standard Wi-Fi cracks, and the unexpected nature of someone using an ARM-powered system to mine anything.
Most of these devices aren’t protected by much more than a standard default password that anyone with access to a Google search could find out from the manufacturer’s website. This makes them at least marginally attractive to people who are considering getting in on the hottest trend in hacking since sliced bread, and especially easy to take control of considering it’s near the last place that anyone would think to look.
All in all the move looks like a bit of a mad dash on the part of the blackhat community for anything that might be able to mine, even if it’s only at a fraction of a cent at a time.