Page 1 of 1

malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 10:06 am
by muna
hi all

I want to use raspberry pi 3 in my security test

can we execute different existing malware such as existing ransomware for Linux in raspberry pi 3 ?


regards

Re: malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 1:25 pm
by hippy
If something has been compiled so it can run on a Pi 3 then it should run, whether malware, ransomware or anything else.

Re: malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 1:48 pm
by Heater
Sure. If you can find any existing malware that runs on the ARM architecture of the Pi's processor and works as an exploit on Linux.

If said malware is some javascript that works through a browser exploit you may be in more luck as that is cross-platform and maybe does not care about processor architecture or operating system.

Re: malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 2:06 pm
by mahjongg
if the malware is x86 code, you need an emulator to run it.

Re: malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 11:15 pm
by muna
Thanks all
But I am talking about the existing ransomware against Linux desktop, we can execute it in raspberry pi 3 “ raspbian “

As I can’t find ransomware for raspberry pi3
I want to just take it from repository and run it in raspberry pi instead of Linux workstation

Re: malware execution in raspberry pi 3

Posted: Sun Sep 02, 2018 11:59 pm
by W. H. Heydt
muna wrote:
Sun Sep 02, 2018 11:15 pm
Thanks all
But I am talking about the existing ransomware against Linux desktop, we can execute it in raspberry pi 3 “ raspbian “

As I can’t find ransomware for raspberry pi3
I want to just take it from repository and run it in raspberry pi instead of Linux workstation
As noted, the OS/OS family isn't the only consideration. There is also the hardware platform. Your Linux workstation is almost certainly running on x86 hardware, while the Pi uses an ARM designed CPU. The two have radically different instruction sets. *If* the malware is written in a cross-platform language, such as Java, then it may run. *If* you have access to the source code and it isn't written to a specific OS and hardware (e.g. an x86 assembler program isn't going to compile on ARM hardware), but rather in a language like C that has compilers on a wide variety of OSes, then you could compile the malware to run on a Pi. On the whole, you're going to be looking at a subset, and possibly a rather small subset, of the extant malware that will run or can be made to run on a Pi.

I'm not the least surprised that you are not seeing Pi-specific malware. It's not much of a target, either from the perspective of total numbers, nor in likely data of interest on such systems. I mean...what is going to be the gain for breaking into my alarm clock? Especially since I can just replace the SD card with a fresh image and restore everything to the way it was prior to the infection in a few minutes. Very hard to hold such a system for ransom.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 12:07 am
by Heater
muna,

I would imagine that ransomware kits that target Linux and work with the ARM processor that Raspbian runs on are very rare, if they exist at all.

If I had such a thing or knew where to find one I would certainly not tell you. After all I have no idea who you are or what you might do with such a thing.

Asking for such malware on this forum is probably seriously frowned upon by it's owners. It certainly is by me.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 12:12 am
by n67
I'm surprised its taken this long for someone to post to that effect.

I think the first rule of malware is that, like Fight Club, you don't talk about it.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 12:50 am
by W. H. Heydt
n67 wrote:
Mon Sep 03, 2018 12:12 am
I'm surprised its taken this long for someone to post to that effect.

I think the first rule of malware is that, like Fight Club, you don't talk about it.
"Security by obscurity" has been a bad solution for decades.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 1:11 am
by Heater
W. H. Heydt,
"Security by obscurity" has been a bad solution for decades.
So they say. All around the internet all the time. Usually out of context, as you have done. See here: https://en.wikipedia.org/wiki/Security_ ... _obscurity

Consider this:

You have a Raspberry Pi on the public internet and I happen to find a way to break into it. I can get root and mess with your system and generally give you a bad time. What should I do:

1) Give you and everyone else a bad time. Just for fun or perhaps for profit.

2) Tell random people like our OP how to have fun as well with my new found powers. Unleashing chaos on the Pi world.

3) Keep a lid on it and try to notify the creators or Raspbian or whatever software is involved that they have a problem to fix.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 8:46 am
by muna
Thanks, guys

my question is for research, as there are millions of ransomware and malware samples on the public internet, more than this number in dark web maybe.
my work is to test this attack and detect it in IoT devices, and because raspberry pi is the most common device in research for simulating a real environment, I am thinking to use it, as the same case for any workstation OS, Windows, Linux or whatever......

thanks.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 10:47 am
by Heater
muna,
my question is for research,...
I don't mean to imply that you are up to anything malicious but we only have your word for that and we have no idea who you are. It would be rash to provide you with a tool that you could use against us.
... as there are millions of ransomware and malware samples on the public internet, more than this number in dark web maybe.
I'm sure there are a few. So there is your research, find them...
... because raspberry pi is the most common device in research for simulating a real environment,...
Is it?

Having watched dozens of security guys presenting their security research results and vulnerabilities they have found at Black Hat, Defcon, CCC and such, I don't recall anyone of them using a Pi.

Re: malware execution in raspberry pi 3

Posted: Mon Sep 03, 2018 12:48 pm
by Gandalf87
muna wrote:
Mon Sep 03, 2018 8:46 am
Thanks, guys

my question is for research, as there are millions of ransomware and malware samples on the public internet, more than this number in dark web maybe.
my work is to test this attack and detect it in IoT devices, and because raspberry pi is the most common device in research for simulating a real environment, I am thinking to use it, as the same case for any workstation OS, Windows, Linux or whatever......

thanks.
Well, maybe try your luck over dark web? I don't mean to say anything rude but the possibilities are both bad and good. You're essentially expecting the users to help you out in something that could be used against them :/ While some have tried to help you in the initial posts, it's pretty evident that the elders still have their reservations.