11-29-2013 06:03 AM
Security vendor Symantec has discovered a Linux worm called Linux.Darlloz that has been engineered to exploit a known bug in PHP (php-cgi Information Disclosure Vulnerability) that was patched last year. Vulnerable devices include unpatched routers, set-top boxes and security cameras that have a web-based interface.
While Symantec classifies the risk posed by Darlloz as Very Low, it is concerned that it could be a proof of concept release that could easily be adapted to attack other connected machine-to-machine devices that make up the internet of things.
The current version only attacks Linux systems based on Intel chips, but Symantec says that it has discovered variants for other architectures including ARM, PPC, MIPS and MIPSEL, indicating that it could be intended to spread to other small, embedded connected devices.