A worm that takes advantage of a vulnerability in the PHP scripting language to attempt to gain access to a computer or device. Linux.Darrloz uses the vulnerability to seek administrative privileges by providing commonly-used login usernames and passwords. If Darrloz gains access to the computer, it leaves a backdoor on the infected system or device that allows the cyber criminal to issue commands at any point in time.
While Linux.Darrloz primarily targets Linux distributions, the worm has received considerable attention from the security industry as a potential security threat to the Internet of Things (IoT). There is evidence of Darrloz variants having been created specifically for chipsets utilized by home routers, set-top boxes, entertainment devices, security cameras and similar Internet-enabled devices.
This has prompted concerns that as common, everyday objects like household appliances, security systems and automobiles become more and more Internet-enabled (i.e. The Internet of Things), security threats such as Linux.Darrloz could present considerable risks to computers and connected devices as well as those who use them.
