Researchers from Russian antivirus vendor Dr. Web have found a new type of Linux malware that infects Raspberry Pi computers. The malware is called Linux.MulDrop.14. and it’s actively distributed since May this year.
The malware scans for Raspberry Pi devices that are accessible through SSH port 22. When it has found a victim it tries to login using the default username and password.
Once the Muldrop malware is logged in, it changes the password of user ‘pi’ and installs software to mine for digital crypto currencies. After that it starts to search for other vulnerable Raspberry Pi devices to infect.