Hello hydrosys,
to investigate the mqtt I installed the new version on a new SD Card. I imported the config file and was instantaneously back working.
To shut down, I normally connect to the Pi with PuTTY and run sudo shutdown now. But I cannot log in to the Pi; it always gives me an access denied after I type in my password. My network settings are exactly the same as on the other SD card with the slightly older SW.
Please help, because I am used to using PuTTY.
The login I use is "pi", and then the password I use to log in via the browser.
Very interesting about the malware - do you have any sources, links, or any additional info where I can learn about this malware?
I do digital forensics and malware reverse engineering as a profession - I would be interested in finding out the TTPs of the attackers/malware.
Maybe you can build a dynamic password into the code. A combination of the string "hydrosys4" and maybe the last 4 octets of the MAC address? Not sure of the solution, but having a static password keeps it just as vulnerable as the first time.