Malware Tool That Has Your BackOctober 3, 2015 – 11:06 PM
Security researchers at Symantec have been tracking a malware tool that, for a change, most victims wouldn’t actually mind have infecting their systems–or almost, anyway.
The threat dubbed Linux.Wifatch compromises home routers and other Internet-connected consumer devices. But unlike other malware, this one does not steal data, snoop silently on victims, or engage in other similar malicious activity.
Instead, the author or authors of the malware appear to be using it to actually secure infected devices. Symanetc believes the malware has infected tens of thousands of routers and other IoT systems around the world. Yet, in the two months that the security vendor has been tracking Linux.Wifatch it has not seen the malware tool being used maliciously even once.
“In fact all the hardcoded routines seem to have been implemented in order to harden compromised devices,” Symantec security researcher Mario Ballano wrote in a blog post published Thursday.
Wifatch has one module that attempts to detect and remediate any other malware infections that might be present on a device that it has infected. “Some of the threats it tries to remove are well known families of malware targeting embedded devices,” Ballano wrote.