Malicious Worm Seeks Vulnerable Home Data Stores

A security researcher has created a malicious worm that can roam the net seeking data stored on insecure hardware.

The worm can exploit many bugs found in popular home data storage systems.

According to the security researcher Jacob Holcomb, there was evidence cybercriminals had noticed how easy it was to exploit these data stores.

Mr Holcomb started work on the worm after carrying out a series of tests on Network Attached Storage (NAS) systems made by 10 separate manufacturers.

Mr Holcombs' investigations revealed 30 separate, undocumented vulnerabilities in the NAS devices. If exploited, many of these would give an attacker complete control over a device - allowing them to plunder the data on it, or use it as a way to get to other devices on the home network.

Most of the problems Mr Holcomb came across were based in the web-based interface, typically used to administer these devices. The worm is said to run on infected systems and once it has taken control, uses the system's resources to administer these devices.

If a device gives an appropriate response, it sends a series of data requests to "fingerprint" that device, so it knows which vulnerabilities to try against it.

Mr Holcomb said: "I took the series of exploits I found and wrapped them into a software package that's in essence self-replicating."

He added: "Once these devices are exposed to the internet, it's pretty much game over because most vulnerabilities can be exploited using authentication bypass techniques or with no authentication at all."

Mr Holcomb is expected to demonstrate how the worm works at a speech at the Black Hat security conference in Amsterdam this week, and plans to run it on a closed network rather than live on the net.

print this article

Return to internet news headlines
View Internet News Archive

Share with: