Darlloz utilizes a PHP data disclosure vulnerability that was patched in May 2012 and has, so far, only targeted Intel x86 systems, according to Kaoru Hayashi, a Symantec researcher who discussed this threat in a blog post last Wednesday.
In addition to machines, the worm, which deletes files, was made to target the “internet of things,” Hayashi wrote, including home routers, set-top boxes and security cameras.
While researchers have not discovered any attacks against non-PC products, the worm’s capabilities are concerning as many users don’t know that they operate vulnerable Linux-based devices within their homes or offices, Hayashi said.
Even if users are aware of the attack, they may not be able to protect against it Hayashi states. “Another issue we could face is that even if users notice vulnerable devices, no updates have been provided to some products by the vendor, because of outdated technology or hardware limitations, such as not having enough memory or a CPU that is too slow to support new versions of the software.”