Saturday, October 12, 2024
HomeDDOSOne Million Organisations hit in under a Month with a Massive IoT...

One Million Organisations hit in under a Month with a Massive IoT botnet

Published on

Malware protection

The Internet of Things or IoT refers to the vast network of connected devices or “things” connected to the Internet which can be used to exchange and collect data. IoT devices include anything smartphones, smart appliances, healthcare devices, traffic monitoring cameras etc.

Much like anything these days, even IoT can come under attack by those who know how to harness its potential for malice. So it perhaps didn’t come as any big surprise that back in October 2016, Mirai (Japanese for “the future”), a malware surfaced attacking IoT devices such as IP cameras and home routers turning them into “bots”.

The hackers then used the IoT botnet to launch a catastrophic DDOS attack on a popular security blog called KrebsOnSecurity. The attack at that time was one of the largest recorded DDOS attacks in the Internet history (620GBps in size). The source code for Mirai written in C was then later released on GitHub.

But last Friday, a new botnet called Reaper or IoT Troop surfaced and has already affected at least a million networks and is considered more dangerous than the Mirai.

- Advertisement - SIEM as a Service

Its only up to one’s worse imagination that if Miraii could launch a DDOS attack of close to 620GBps in size, what Reaper could do with a million networks already as part of its botnet.

Researchers at Checkpoint claim using propagation attack where instead of sending a malicious code to every device, the hackers behind Reaper are using the compromised devices to spread the code to other devices.

Checkpoint estimates millions of organizations affected worldwide including US and Australia and the numbers increasing.Attacks found originating from different devices, countries and 60% from corporate networks according to ThreatCloud network.

As with any new technology, IoT promises to be the future of the Internet, bringing better connectivity and ease of use of the devices we use, but as these two botnet attacks show, an equal amount of stress must be placed on security.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

GorillaBot Emerged As King For DDoS Attacks With 300,000+ Commands

The newly emerged Gorilla Botnet has exhibited unprecedented activity, launching over 300,000 DDoS attacks...

Researchers Detailed Russian Hacktivist/State Hackers Tactics

The People's Cyber Army of Russia is a Russian hacktivist group known for its...

MegaMedusa, Highly Scalable Web DDoS Attack Tool Used By Hacker Groups

RipperSec, a pro-Palestinian, pro-Muslim Malaysian hacktivist group, has rapidly grown since its Telegram inception...