A new IoT botnet materializes, successor of Mirai
Exactly one year ago, the infamous Mirai DDoS attack on Dyn disrupted website operations across North America and Europe. Now a new IoT botnet threat rears its ugly head under the name "IoTroop", and it can potentially cause greater damage.
Researchers at Check Point Software Technologies discovered the threat, which is growing at a faster pace than its predecessor Mirai.
The IoT botnet was first detected in late September, and it attempts to exploit multiple vulnerabilities in IoT devices from manufacturers such as GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik and others.
"It has the same technical capabilities, and then over 100 additional functions added to it," said Maya Horowitz, Check Point's group manager of threat intelligence. "The most interesting differentiator we've exposed so far is that it exploits vulnerabilities in expanding the network, rather than only compromising devices that have factory default credentials set."
A technical analysis found that IoTroop is programmed to infect devices and also to propagate itself to the next link, spreading the malware.
As of now, Check Point has identified 15 IoT vulnerabilities in IoTroop's bot campaign.
"The discovery of a botnet bigger and potentially more dangerous than Mirai is alarming news for businesses and consumers around the globe," said Mark Hearn, director of IoT security at digital platform security provider Irdeto, in emailed comments. "With the cross-contamination of connected devices, threats easily cross boundaries of the connected home, the connected building, mobile devices, and the enterprise."
At this rate, the next IoTroop attack could be far worse if the attackers target the entire global DNS infrastructure, because 68 of the top 100 websites use only one DNS provider for their domain and are not prepared for any attacks. The attackers could also target APIs along with the top DNS providers.