Jump to content

Main menu Navigation ●Main page ●Contents ●Current events ●Random article ●About Wikipedia ●Contact us ●Donate Contribute ●Help ●Learn to edit ●Community portal ●Recent changes ●Upload file

●Create account ●Log in ●Create account ● Log in Pages for logged out editors learn more ●Contributions ●Talk

(Top) 1 Discovery 1.1 BrickerBot.1 and BrickerBot.2 1.2 BrickerBot.3 and BrickerBot.4 2 Shutdown and Impact 3 References

BrickerBot

●العربية Edit links ●Article ●Talk ●Read ●Edit ●View history Tools Actions ●Read ●Edit ●View history General ●What links here ●Related changes ●Upload file ●Special pages ●Permanent link ●Page information ●Cite this page ●Get shortened URL ●Download QR code ●Wikidata item Print/export ●Download as PDF ●Printable version Appearance From Wikipedia, the free encyclopedia

BrickerBot was malware that attempted to permanently destroy ("brick") insecure Internet of Things devices. BrickerBot logged into poorly-secured devices and ran harmful commands to disable them. It was first discovered by Radware after it attacked their honeypot in April 2017. On December 10, 2017, BrickerBot was retired.

The most infected devices were in Argentina, followed by North America and Europe, and Asia (including India).^[1]

Discovery[edit]

BrickerBot.1 and BrickerBot.2[edit]

The BrickerBot family of malware was first discovered by Radware on April 20, 2017, when BrickerBot attacked their honeypot 1,895 times over four days. BrickerBot's method of attack was to brute-force the telnet password, then run commands using BusyBox to corrupt MMC and MTD storage, delete all files, and disconnect the device from the Internet. Less than an hour after the initial attack, bots began sending a slightly different set of malicious commands, indicating a new version, BrickerBot.2. BrickerBot.2 used the Tor network to hide its location, did not rely on the presence of busybox on the target, and was able to corrupt more types of storage devices.^[2]

BrickerBot.3 and BrickerBot.4[edit]

BrickerBot.3 was detected on May 20, 2017, one month after the initial discovery of BrickerBot.1. On the same day, one device was identified as a BrickerBot.4 bot. No other instances of BrickerBot.4 were seen since.^[3]

Shutdown and Impact[edit]

According to Janit0r, the author of BrickerBot, it destroyed more than ten million devices before Janit0r announced the retirement of BrickerBot on December 10, 2017.^[4] In an interview with Bleeping Computer, Janit0r stated that BrickerBot was intended to prevent devices from being infected by Mirai.^[5]^[6] US-CERT released an alert regarding BrickerBot on April 12, 2017.^[7]

References[edit]

^ "BrickerBot: "The Doctor's" PDoS Attack Has Killed Over 2 Million Insecure Devices". Fossbytes. April 25, 2017.

^ ""BrickerBot" Results In PDoS Attack". Radware. April 5, 2017. Retrieved February 26, 2018.

^ "BrickerBot PDoS Attack: Back With A Vengeance". Radware. April 21, 2017. Retrieved February 26, 2018.

^ Shattuck, Justin (December 28, 2017). "BrickerBot: Do "Good Intentions" Justify the Means—or Deliver Meaningful Results?". F5 Labs. Retrieved January 21, 2019.

^ Cimpanu, Catalin (December 11, 2017). "BrickerBot Author Retires Claiming to Have Bricked over 10 Million IoT Devices". BleepingComputer. Retrieved August 4, 2018.

^ Olenick, Doug (December 12, 2017). "BrickerBot creators announce retirement from active operations". SC Media US. Retrieved August 4, 2018.

^ "BrickerBot Permanent Denial-of-Service Attack (Update A) | ICS-CERT". ICS-CERT. April 18, 2017. Retrieved February 26, 2018.

Internet of things (IoT) malware

Notable IoT malware

Hacking in the 2010s

← 2000s

Timeline

2020s →

Major incidents

2010	Operation Aurora (publication of 2009 events) Australian cyberattacks Operation Olympic Games Operation ShadowNet Operation Payback
2011	Canadian government DigiNotar DNSChanger HBGary Federal Operation AntiSec PlayStation network outage RSA SecurID compromise
2012	LinkedIn hack Stratfor email leak Operation High Roller
2013	South Korea cyberattack Snapchat hack Cyberterrorism attack of June 25 2013 Yahoo! data breach Singapore cyberattacks
2014	Anthem medical data breach Operation Tovar 2014 celebrity nude photo leak 2014 JPMorgan Chase data breach 2014 Sony Pictures hack Russian hacker password theft 2014 Yahoo! data breach
2015	Office of Personnel Management data breach Hacking Team Ashley Madison data breach VTech data breach Ukrainian Power Grid Cyberattack SWIFT banking hack
2016	Bangladesh Bank robbery Hollywood Presbyterian Medical Center ransomware incident Commission on Elections data breach Democratic National Committee cyber attacks Vietnam Airport Hacks DCCC cyber attacks Indian Bank data breaches Surkov leaks Dyn cyberattack Russian interference in the 2016 U.S. elections 2016 Bitfinex hack
2017	SHAttered 2017 Macron e-mail leaks WannaCry ransomware attack Westminster data breach Petya and NotPetya 2017 Ukraine ransomware attacks Vault7 data breach Equifax data breach Deloitte breach Disqus breach
2018	Trustico Atlanta cyberattack SingHealth data breach
2019	Sri Lanka cyberattack Baltimore ransomware attack Bulgarian revenue agency hack WhatsApp snooping scandal Jeff Bezos phone hacking incident

Hacktivism

Advanced
persistent threats

Individuals

Major vulnerabilities
publicly disclosed

Evercookie (2010)
iSeeYou (2013)
Heartbleed (2014)
Shellshock (2014)
POODLE (2014)
Rootpipe (2014)
Row hammer (2014)
SS7 vulnerabilities (2014)
WinShock (2014)
JASBUG (2015)
Stagefright (2015)
DROWN (2016)
Badlock (2016)
Dirty COW (2016)
Cloudbleed (2017)
Broadcom Wi-Fi (2017)
EternalBlue (2017)
DoublePulsar (2017)
Silent Bob is Silent (2017)
KRACK (2017)
ROCA vulnerability (2017)
BlueBorne (2017)
Meltdown (2018)
Spectre (2018)
EFAIL (2018)
Exactis (2018)
Speculative Store Bypass (2018)
Lazy FP state restore (2018)
TLBleed (2018)
SigSpoof (2018)
Foreshadow (2018)
Dragonblood (2019)
Microarchitectural Data Sampling (2019)
BlueKeep (2019)
Kr00k (2019)

Malware

2010	Bad Rabbit Black Energy 2 SpyEye Stuxnet
2011	Coreflood Alureon Duqu Kelihos Metulji botnet Stars
2012	Carna Dexter FBI Flame Mahdi Red October Shamoon
2013	CryptoLocker DarkSeoul
2014	Brambul Black Energy 3 Carbanak Careto DarkHotel Duqu 2.0 FinFisher Gameover ZeuS Regin
2015	Dridex Hidden Tear Rombertik TeslaCrypt
2016	Hitler Jigsaw KeRanger Necurs MEMZ Mirai Pegasus Petya and NotPetya X-Agent
2017	BrickerBot Kirk LogicLocker Rensenware Triton WannaCry XafeCopy
2018	VPNFilter
2019	Grum Joanap NetTraveler R2D2 Tinba Titanium ZeroAccess botnet

Retrieved from "https://en.wikipedia.org/w/index.php?title=BrickerBot&oldid=1164665570" Categories: ●IoT malware ●Cybercrime in India Hidden categories: ●Articles with short description ●Short description is different from Wikidata ●Use mdy dates from December 2020 ●This page was last edited on 10 July 2023, at 10:42 (UTC). ●Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. ●Privacy policy ●About Wikipedia ●Disclaimers ●Contact Wikipedia ●Code of Conduct ●Developers ●Statistics ●Cookie statement ●Mobile view