Ransomware of IoT equipments requiring ransom with fixing the room temperature to extremely cold debuts

ByRobert R Gigliotti

Although IoT home appliances that are connected to the Internet to enable various operations are proliferating, smart thermostat "Nest Thermostat" that manages home heating and cooling equipment is also one of the famous IoT home appliances. The world's first smart device for Ransomuware appeared, infected with Nest Thermostat, fixing the room temperature extremely cold and making it impossible to operate anything until you paid a ransom for a few hundred dollars.

Hackers Make the First-Ever Ransomware for Smart Thermostats | Motherboard

Along with the spread of IoT devices such as smart home appliances, security experts point out that "many IoT devices are making unsafe Internet connections." Viruses that actually targeted IoT devices have not been discovered yet, but two security researchers have developed Ransomware that infects Nest Thermostat.


The creator of Ransomware is Andrew Tierney and Ken Munro, an employee of a security company called Test Partners in the UK. Ransomware made by two people took control of Nest Thermostat and requested a ransom with the room temperature set to extremely cold, running Linux on the Nest Thermostat's liquid crystal display and making money like I will display the requested screen. Nest Thermostat's Ransomware is a hacking conference held between 4th and 7th August 2016Def Con"Was announced as a proof-of-concept model.

Ransomuare is infected by inserting the SD card in the main body and deprives full control of the device. The researcher noticed that Nest Thermostat was executing almost without checking the files contained in the inserted SD card, he said he built malware. A malicious hacker can pretend to be Nest and send an SD card, and if the user inserts an SD card, the program automatically runs and it is possible to actually hack Nest Thermostat.

It is the purpose of the creator to inform that safety measures are not available for using the IoT device, and the two persons said, "Users understand how their IoT home appliances are moving and what they are doing I am in a state where I can not control home appliances, because I use something I can not understand, I have no ways to deal with that. "

Incidentally,Official function that can operate IoT equipment with iPhone is installed from iOS 10It is going to be the era when household appliances in the future will connect more to the Internet in the future. beforeSamsung smart refrigerator vulnerability that could leak Google Account login informationHas been pointed out, there are demands for enhanced security in dealing with IoT devices.

in Software,   Hardware,   Security, Posted by darkhorse_log