A Linux trojan infects the best-selling Raspberry Pi computer and turns it into a machine for mining cryptocurrency.
According to the Russian security firm Doctor Web, the Linux.MulDrop.14 trojan targets Raspberry Pi devices to use their processing power to mine a cryptocurrency.
The malware uses a simple Bash script to attempt to connect Raspberry Pi devices configured to accept external SSH connections. It targets Raspberry Pi boards with the default login and password, which are ‘pi’ and ‘raspberry’, respectively.
The trojan spread itself to other Pi’s on the local network, with an open port 22 and connecting via SSH. The running Pi boards with an updated version of the default Raspbian OS should be protected against the trojan.
Devices running with older versions of the OS should also protect against infection, due to routers blocking incoming connections over the internet.
More than 14 million Raspberry Pi boards have been sold, making the boards an increasingly tempting target for malware makers.
The malware doesn’t try to mine for Bitcoin, whose ‘difficulty level’ is too high to mine cost-effectively, even for a massive network of PCs.
However, several cryptocurrencies mined with less computing power. In 2014, malware writers experimented with Android malware to mine Dogecoins and Litecoins.
In the past, Bitcoin mining farms used a large number of Pi boards, although in this instance the Pi boards appeared to be managing Bitcoin-mining ASICs, rather than doing the mining themselves.
Dr. Web’s virus analysts said the Raspberry Pi malware mines Monero, a lesser-known, but increasingly popular cryptocurrency for dark-web drug markets.