Just a year after the biggest IoT-based malware in the future, a huge Internet crash was launched by launching a massive DDoS attack - a year ahead, security researchers are warning a new fast growing IoT botnet.
Researchers first discovered "IoT_reaper" by the odd tiger 360 company in September, and the new malware no longer relied on cracked passwords; instead, it exploited vulnerabilities in various IoT devices and swallowed them into botnets.
IoT_reaper Malware currently includes the following nine previously disclosed vulnerabilities in the IoT device vulnerability of the following manufacturers:
- Dlink (router)
- Netgear (router)
- Linksys (router)
- Goral (camera)
- JAWS (camera)
- AVTECH (camera)
- Vacron (NVR)
Researchers believe that IoT_reaper malware has infected nearly 200 million devices and has grown 10,000 new devices at an extraordinary rate every day.
This is very worrying, because last year the use of large-scale DDoS attacks Mirai removed the DNS provider Dyn, only 10 million infected devices.
In addition, the researchers pointed out that malware also includes more than 100 DNS resolvers, enabling it to start DNS amplification attacks.
"Currently, this botnet is still in its early stages of expansion. But the author is actively modifying the code, which deserves our vigilance." Qihoo 360 researchers say.
At the same time, CheckPoint researchers have warned that the same IoT botnet, called "IoTroop", has been infected with hundreds of thousands of organizations.
"It is too early to guess the intentions of the threat actors behind it, but with previous Botnet DDoS attacks essentially taking down the Internet, it is vital that organisations make proper preparations and defence mechanisms are put in place before attack strikes." researchers said.
According to CheckPoint, IoTroop malware also exploited vulnerabilities in wireless network camera devices such as GoAhead, D-Link, TP-Link, AVTECH, Linksys, Synology.
At this time, do not know who created this, why, but DDoS threat pattern is soaring, and may reach tens of megabytes of size.
"Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come." CheckPoint researchers warned.
You need to be more vigilant about the security of your smart devices. In our previous article, we have provided some essential, somewhat practical, solutions to protect your IoT
devices.
SOURCE: https://thehackernews.com/2017/10/iot-botnet-malware-attack.html
0 comments:
Post a Comment