A new clever cryptocurrency mining malware has been located on digital video recorders (DVRs), in a continuing evolution of connected devices being targeted by security threats.
The malware actively searches for vulnerable devices, and then the exploit comes later. Researchers are still unsure how the camera DVRs are being infected with the malware, though with many home users installing custom surveillance systems at home, this could be a growing concern.
"After accessing a couple of the DVRs, we noticed that the malware was running on the
DVR itself," said Johannes Ullrich, from the SANS Technology Institution, which discovered the bug. Two pieces of malware typically ran: a customized version of minderd, the Bitcoin miner - [we] actually learned today that, in this case, it may mine Litecoin, not bitcoin - [and] a piece of software called cmd.so, which initiated the scans for Synology devices that we observed before and that led us to investigate the DVR."
Just one week ago, the "Coinkrypt" malware, designed to use compromised smartphones to mine for cryptocurrency, is becoming more commonplace. Cybercriminals are branching out and expanding their operations on how they generate revenue, and using sophisticated malware is a clever technique.