A new form of Linux malware is hijacking Internet of Things (IoT) devices made by one vendor by exploiting a common gateway interface (CGI) vulnerability. The ARM malware, detected by security software firm Trend Micro, arrives in requests for information (RFI) in CGI bin scripts. Once the malware is installed onto the device, it gathers system information and network activity data. It can also execute shell commands from the malicious actor, initiate Distributed Denial of Service (DDoS) attacks, and terminate itself.”]
Source: https://grahamcluley.com/new-linux-malware-hijacks-one-vendors-iot-devices-by-exploiting-cgi-bug/