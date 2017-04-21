Developer of BrickerBot Malware Claims He Destroyed Over Two Million Devices (bleepingcomputer.com) 14
An anonymous reader writes: In an interview today, the author of BrickerBot, a malware that bricks IoT and networking devices, claimed he destroyed over 2 million devices, but he never intended to do so in the first place. His intentions were to fight the rising number of IoT botnets that were used to launch DDoS attacks last year, such as Gafgyt and Mirai. He says he created BrickerBot with 84 routines that try to secure devices so they can't be taken over by Mirai and other malware. Nevertheless, he realized that some devices are so badly designed that he could never protect them. He says that for these, he created a "Plan B," which meant deleting the device's storage, effectively bricking the device. His identity was revealed after a reporter received an anonymous tip about a HackForum users claiming he was destroying IoT devices since last November, just after BrickerBot appeared. When contacted, BrickerBot's author revealed that the malware is a personal project which he calls "Internet Chemotherapy" and he's "the doctor" who will kill all the cancerous unsecured IoT devices.
Doing some righteous work.
It is unfortunate that retribution type attacks are not considered "appropriate". Maybe it is time to fight fire with fire.
they may simply buy another vulnerable IoT device to replace it, perhaps from the same manufacturer. It's possible that this may actually drive sales for manufacturers who produce poorly secured IoT devices.
People are ignorant about security because they don't care. If their device gets bricked because it's insecure, they'll start caring.
If users have their devices bricked, they may simply buy another vulnerable IoT device to replace it, perhaps from the same manufacturer.
Are you suggesting there are people who will keep buying the same type of e.g. WiFi lightbulbs that work for a couple hours and then stop working, without returning them?
A return usually costs more than the profit on a device; it's an economically valid feedback mechanism assuming that kind of person isn't actually common. It seems unlikely to me that it is the typical b
It is unfortunate that retribution type attacks are not considered "appropriate".
Self-defense is not retribution. Third-party defense is always considered valid when a threat is imminent.
All the data we have shows that devices that are vulnerable to Mirai, et. al. will become Mirai bots in a short amount of time, and will begin attacking third-party Internet infrastructure.
If somebody can show the above claim to be false, please do so, showing reason and evidence.
