Internet-connected devices (IoTs) can be hacked with some simplicity, so cybercriminals have not missed the opportunity to try to kidnap them and mine bitcoins with them. This has recently been reported by the IBM X Force, describing a new variant of the Mirai botnets family that includes a component for the mining of cryptocoins in Linux.

A botnet, also known as 'zombie army', is a type of computer threat where the hacker takes control of numerous devices to control them remotely and, in general, to be able to carry out DDoS attacks avoiding possible protections. Perhaps the most famous is the Mirai, focused on infecting smart devices, which in October 2016 attacked the DNS Dyn service provider and caused large websites like GitHub, Twitter, Reditt and Netflix to go offline.

Now it seems that it is evolving to get another kind of gain. According to the statement, the IBM X Force began to notice an increase in the traffic of links that contained the variant ELF Linux / Mirai towards the end of March, with a peak on the 25 of that month, that finally descended after eight days of its beginning.

This botnet is aimed at attacking Linux machines that run the BusyBox program, which is responsible for many of its utilities, and which in turn uses the Telnet protocol for remote access. The latter is not very safe, especially since smart device users who use it - such as landlines, televisions, and routers - often do not change their factory password. The Mirai scans the network in its search, and when it finds these devices, it is dedicated to launch brute force attacks (constant and repetitive attempts) until obtaining the credentials and to gain control, to which the user only notices a certain slowness in his machine and an increase in bandwidth.

According to IBM's report on IOT Device Armament, it is expected that more than two-thirds of the 34 billion devices (including computers) connected to the network by 2020 will be objects or devices of some sort, It is quite likely that thousands of IoT devices with inadvertent users can be hijacked in this way. Because of this, even if mining on simple processors such as a landline, television or even a toaster or lamp may seem unworkable, the key to making it profitable would be to hijack as many devices as possible.

To protect against this type of attacks, from IBM recommend carefully reading and following the instructions of each IoT device, keeping them updated and on secure networks, and, of course, change all the credentials that come by default. Once the virus is contracted, on the other hand, the infected device must be restarted and the password immediately changed.