Here on the Panda Security blog, we usually write about malware infecting computers, tablets and smartphones. But the truth is almost any electronic device can be compromised by hackers – including your smart home gadgets.
Now researchers have discovered a new family of malware called Mozi that has been quickly spreading online since last year.
What does Mozi do?
Mozi has been designed to specifically to attack low-power smart devices. Once installed, the malware tries to make contact with other infected devices, adding itself to the Mozi botnet.
Once registered, the infected device continues to operate normally. However, it is constantly ‘listening’ for instructions from the botnet. The botnet has been designed to launch Distributed Denial of Service attacks (DDoS) that can be used to attack and crash online services and websites. Once activated, your infected devices will be used by hackers to participate in large DDoS attacks.
Some Mozi variants can also steal data, or execute additional code, allowing hackers to gain control of your network.
What does Mozi affect?
According to the report, the Mozi botnet malware targets devices that use MIPS and ARM processors – both of which are very common in low-power smart home hardware. The malware has been observed infecting wireless routers (used to connect your home to the internet) and some security camera controllers.
As the malware evolves, the list of affected devices will undoubtedly grow.
How can I avoid being infected by Mozi?
The criminals behind Mozi are constantly developing and updating the malware to add new features and functionality – and to make it harder to detect. Because anti-malware tools like Panda Dome are not currently available for smart home or IoT devices, you need to take steps to prevent infection yourself.
Install all security updates
Providers of reputable smart home devices will regularly update their software to patch security issues. You should check for new updates and install them as quickly as possible to prevent malware installing itself.
Change the default admin password
The first stage to any hacking attempt is to try the default username and password. Which is why you must change the password on every device. Otherwise the hackers have complete, unrestricted access to your smart home.
Limit device access
If possible, you should configure a subnet for your home network that keeps smart devices separate from your computers that store sensitive information. Alternatively, use the ‘guest network’ function on your broadband router to achieve the same effect. If a hacker does break in, they can only access your smart devices, helping to protect your personal data and limit the damage they cause.
Good security practice
Even if you don’t have any smart home devices, these tips will help to protect you against malware infection:
- You should install every new security update for all your devices – laptops, computers, smartphones etc.
- You must change the default logon password (and username if possible) on all of your devices – including your broadband router / modem.
- Set up a guest network for devices you don’t control. You don’t know if your visitors properly protect their devices against malware; connecting them to a guest network still allows them to get online, but it prevents anything infecting your devices.
Want to know more about smart device and botnets? Take a look at our article Satori and the Latest Botnets to Wreak Havoc on the IoT