back to article New Mirai botnet species 'Okiru' hunts for ARC-based kit

A new variant of the notorious Mirai malware is exploiting kit with ARC processors. The nasty, dubbed Okiru, is the first capable of infecting devices powered by ARC CPUs. This is according to Japan-based malware researcher UnixFreaxjp of the infosec group Malware Must Die. RISC-based ARC embedded processors are used in a …

  1. Steven Raith

    Predictable comment.

    "MalwareMustDie said it was unable to give any estimate on how many devices had already been infected"

    I could tell you how many devices will get updated and patched against this though.

    Hint - I bet it's not many.

    Steven R

  2. Anonymous Coward
    Anonymous Coward

    Wait, you mean they have remote code execution capabilities on a specialist embedded os that isn't windows or linux? Next you'll be telling me my synology NAS didn't appear on a vulnerability mailing list the other day, or Huawei Oceanstore disk array's don't have a remote ssh shell. I mean, they're just disk drives right.

    1. steelpillow Silver badge

      "Wait, you mean they have remote code execution capabilities on a specialist embedded os that isn't windows or linux? Next you'll be telling me my synology NAS didn't appear on a vulnerability mailing list the other day, or Huawei Oceanstore disk array's don't have a remote ssh shell. I mean, they're just disk drives right."

      No. Linux is one of the main OS options available to run on ARC. "The analysis of the code after decompilation shows the herders were preparing ARC binary specifically to target one particular Linux environment."

  3. The Man Who Fell To Earth Silver badge
    FAIL

    My car

    My 2018 car's software is already buggy, losing things like the contact list every couple of weeks, occasionally never being able to boot the navigation system. Yet like all car manufacturer's, they seem obsessed not fixing basic stuff and instead focus on trying to have crapware apps like Pandora & Aha Radio run on the thing. (Worse, you can only update the cars software, if they every produce an update, via the Aha app.) So I may get lost, and not be able to make a call, but I can always stream music. F*cking great.

    No doubt malware safeguards & security holes are not even on their radar.

    1. Hans 1
      Joke

      Re: My car

      A "connected" car ? I'm sure you have a smart TV, smart scales, oven, kettle, flash light, toilet, and beamer for Facebook and Twitter in very room ...

      1. The Man Who Fell To Earth Silver badge
    2. ThatOne Silver badge
      Alert

      Re: My car

      > My 2018 car's software is already buggy

      What's the brand please, so people can avoid it henceforth?

      If car builders aren't rapidly hit where it hurts it will only get worse. Marketing & beancounters will always sign with some idiot service and then you'll get that service forced upon your car, want it or not. Remember the PC market of the beginnings, or the smartphone market of yesterday, when your device came preloaded (overflowing) with crapware? Well, now it's the turn of your car to get flooded with crapware. Problem is, nobody dies when your PC or phone crashes.

      Only if customers manage to remind car sellers that they are customers and not livestock those will start considering exotic notions like customer satisfaction and service!

      1. The Man Who Fell To Earth Silver badge
        Alert

        Re: My car

        Subaru

  4. Anonymous South African Coward Silver badge

    I get the feeling that something big is going to happen soon.

    I mean, look at the various vulnerabilities coming to light (spectre, meltdown etc).

    Then the amount of malware out there (crypto-malware etc).

    And things like these Mirai botnets sniffing back orifices all over the world...

  5. cheekybuddha

    Unfortunate ...

    ... name when read quickly

    I couldn't really pay much attention to the rest of the article, thinking that Barry Shteiman must have got some stick at school

  6. Anonymous Coward
    Linux

    Notorious Mirai malware capable of infecting ARC devices

    Does Mirai still require a default username/password?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like