Make sure you change your raspberry pi default password (Linux.MulDrop.14 malware)

raspberrypi

#1

Since a bunch of us own and use raspberry pi boards for interesting IOT devices, including autopilots (with navio 2), figured it would be helpful to share this recent discovery that can affect your pi if you have not changed your default password. (Something you should also definitely do on your WiFi router)

Linux Trojan that is a bash script containing a mining program, which is compressed with gzip and encrypted with base64. Once launched, the script shuts down several processes and installs libraries required for its operation. It also installs zmap and sshpass.

It changes the password of the user “pi” to “$6$U1Nu9qCp$FhPuo8s5PsQlH6lwUdTwFcAUPNzmr0pWCdNJj.p6l4Mzi8S867YLmc7BspmEH95POvxPQ3PzP029yT1L3yi6K1”.

Read more at: