A hacker called The Janitor has created multiple versions of a program called Brickerbot, a system that searches out and bricks insecure IoT devices. A researcher named Pascal Geenens has followed the worm for a few weeks and has seen it pop up and essentially destroy infected webcams and other IoT devices.
Devices all use a Linux package called Busybox and had exposed telnet-based interfaces with default passwords. These devices were easily exploited by the Mirai botnet which essentially turned them into denial-of-service weapons.
Brickerbot finds these devices and renders them unusable. The first version attacked about a thousand devices and alternate versions attacked thousands more. It disabled the devices by formatting the internal memory.
“Like so many others I was dismayed by the indiscriminate DDoS attacks by IoT botnets in 2016. I thought for sure that the large attacks would force the industry to finally get its act together, but after a few months of record-breaking attacks it became obvious that in spite of all the sincere efforts the problem couldn’t be solved quickly enough by conventional means,” wrote the Janitor. “I consider my project a form of “Internet Chemotherapy” I sometimes jokingly think of myself as The Doctor. Chemotherapy is a harsh treatment that nobody in their right mind would administer to a healthy patient, but the Internet was becoming seriously ill in Q3 and Q4/2016 and the moderate remedies were ineffective.”
This sort of vigilante justice is fun and clever. If a user can’t secure their own systems perhaps a bit of discriminate destruction is just the thing these things need to stop leaving admin passwords wide open.