A New IoT botnet materializes, successor of Mirai

Exactly one year ago, there was an infamous DDos attack on Dyn named Mirai that disrupted websites operations across North America and Europe. A new IoT botnet threat rears its ugly head in the name of “ IOTroop” , which can potentially cause greater damage .

Researchers at Check Point Software Technologies researchers discovered the threat and it is growing at a more faster pace than its predecessor Mirai and can cause greater damage.

The IoT botnet was first detected in late September and its attempts to exploit multiple vulnerabilities in IoT devices from manufacturers such as GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik and others.

" It has the same technical capabilities, and then over 100 additional functions added to it," said Maya Horowitz, Check Point' s group manager of threat intelligence " The most interesting differentiator we' ve exposed so far is that it exploits vulnerabilities in expanding the network, rather than only compromising devices that have factory default credentials set."

In a technical analysis it has been found out that IOTroop has been programmed to infect the devices and also propagate itself to the next link spreading the malware.

As of now, Check Point has identified 15 IoT vulnerabilities in the IoTroop’ s bot campaign.

" The discovery of a botnet bigger and potentially more dangerous than Mirai is alarming news for businesses and consumers around the globe," said Mark Hearn, director of IoT security at digital platform security provider Irdeto, in emailed comments. " With the cross-contamination of connected devices, threats easily cross boundaries of the connected home, the connected building, mobile devices, and the enterprise."

By this rate, the next attack of IOTroop could be far worse if the attackets target the entire global DNS infrastructure because out of top 100 websites, 68 use only one DNS provider for the domain and it is not prepared for any attacks. The attackers could also target APIs along with the top DNS providers.

Tag : Linux
FAQ
Q
What are the characteristics of IOT?
A
The interaction between smart devices creates a smart environment. The Internet Of Things (IoT) is the network of physical devices, vehicles, buildings, and other items—embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data.
Q
What is the advantage of IOT?
A
Advantages of IoT system. For those who are unaware of this term, IoT stands for the internet of things. IoT is a network of all physical, tangible items such as devices, cars, buildings and anything that has software or sensors in them which allow us to automate everything.
Q
What is the protocol for IOT?
A
A key IP (Internet Protocol)-based technology is 6LowPAN (IPv6 Low-power wireless Personal Area Network). Rather than being an IoT application protocols technology like Bluetooth or ZigBee, 6LowPAN is a network protocol that defines encapsulation and header compression mechanisms.
Q
What are IOT protocols?
A
The protocols involved in IOT Protocols are,
Infrastructure (ex: 6LowPAN, IPv4/IPv6, RPL)
Identification (ex: EPC, uCode, IPv6, URIs)
Comms / Transport (ex: Wifi, Bluetooth, LPWAN)
Discovery (ex: Physical Web, DNS, DNS-SD)
Data Protocols (ex: MQTT, CoAP, AMQP, WebSocket, Node)
Device Management (ex: TR-069, OMA-DM)
Semantic (ex: JSON-LD, Web Thing Model)
Q
What is IoT technology?
A
IoT is short for the Internet of Things. The Internet of Things refers to the ever-growing network of physical objects that feature an IP address for internet connectivity, and the communication that occurs between these objects and other Internet-enabled devices and systems.