I’m just thinking about the Raspbian OS based distributions commonly used for RoonBridge endpoints.
It looks to be limited to Pi 2’s and older.
Is there anything to be concerned about?
Cheers
The malware uses a simple Bash script to attempt to connect to Raspberry Pi devices configured to accept external SSH connections. It targets Raspberry Pi boards with the default login and password, which are ‘pi’ and ‘raspberry’, respectively.
As always, regardless which distro you run, it is good practice to (at least) change the default password of any system that has SSH enabled.
In a normal home network, your Pi’s are pretty safe from attacks from the outside, since they are only accessible from within your network (unless you’ve applied port forwarding). That does not safeguard them from malware spreading through other systems on your network, so yes – change the password:
sudo passwd user
Fantastic, great advice. Thank you
Or use DietPi, which has different user/password.
1 Like
Which should also be changed from the default values…
2 Likes
This is not specific to Raspberry Pi’s. This malware goes after any OS with weak administration (generally speaking).
As @RBM said change your password and keep your OS patched.