Linux worm turns Raspberry Pis into cryptocurrency mining bots

I agree that it would be nice if Pi images were more easily configurable “offline”, but even as somebody who knows all about the linuxes I would rather they moved more in the direction of taking good security out of my hands. Every time I re-image a computer I get a little bit lazier.

I feel like given the most common threat model for the average hobby project, a good default would be if the Pi gave you a reasonably strong random password and told you to stick it to your Pi on a post-it.

2 Likes

Worm as advertising? It’s unfortunately plausible, especially given that anything that raises the profile of an iffy, second-rate cryptocurrency will hugely increase its value.

Aren’t they all dogecoin, really?

Yeah, really.

2 Likes

It’s like raising horses for the racetrack.

It’s weird what people get into when they have so much money they don’t know what to do with it.

If the worm changes the pi password to the same jumble password on each one, it’d be easy to hijack that botnet.

Dangle a Pi out on the net with a program listening on port 22. When it gets an attempt of “pi” “raspberry”, return the favor with that password.

1 Like

Ah, but the kid who sells for $10 is more likely to get that sale and go to the movies… what were we talking about, again?

The kid who sells one cup of lemonade for $1,000,000 buys the movie theater and has a private viewing for his friends.

This topic was automatically closed after 5 days. New replies are no longer allowed.