A new type of malicious program is destroying the firmware of the IoT device, similar to the BrickerBot malicious program that destroyed millions of devices in 2017. The malware is called Silex, which shuts down the IoT device’s storage, firewall rules, and network configuration. To recover, you need to manually reinstall the firmware, which is too complicated for most device owners.
Akamai researcher Larry Cashdollar said that malicious programs log in to the system using known IoT device login credentials, then call fdisk -l to display all hard disk partitions and write random data to all partitions. The researcher said:
“It then writes random data from /dev/random to any partitions it discovers. It’s then deleting network configurations, […] also, it’s [running] rm -rf / which will delete anything it has missed. It also flushes all iptables entries adding one that DROPS all connections. Then halting or rebooting the device.“
Another security researcher, Ankit Anubhav, said the malicious program was written by a 14-year-old boy named Light Leafon.