New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet

Just a year after Mirai—the biggest IoT-based malware, which caused vast Internet outages by launching massive DDoS attacks—completed its first anniversary, security researchers are now warning of a brand new, rapidly growing IoT botnet.

Dubbed ‘IoT_reaper’ and first spotted in September by researchers at the firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits vulnerabilities in various IoT devices and enslaves them into a botnet.

IoT_reaper malware currently includes exploits for nine previously disclosed vulnerabilities in IoT devices from the following manufacturers:

  • D-Link (routers)
  • Netgear (routers)
  • Linksys (routers)
  • GoAhead (cameras)
  • JAWS (cameras)
  • AVTECH (cameras)
  • Vacron (NVR)

Researchers believe IoT_reaper malware has already infected nearly two million devices and is growing continuously at an extraordinary rate of 10,000 new devices per day.

This is extremely worrying because it took only 100,000 infected devices for Mirai to take down DNS provider Dyn last year using a massive DDoS attack.

Besides this, researchers noted that the malware also includes more than 100 open DNS resolvers, enabling it to launch DNS amplification attacks.

“Currently, this botnet is still in its early stages of expansion. But the author is actively modifying the code, which deserves our vigilance,” Qihoo 360 researchers say.

Meanwhile, researchers at CheckPoint are also warning of what is probably the same IoT botnet, named “IoTroop,” that has already infected hundreds of thousands of organisations.

“It is too early to guess the intentions of the threat actors behind it, but with previous Botnet DDoS attacks essentially taking down the Internet, it is vital that organisations make proper preparations and defence mechanisms are put in place before an attack strikes,” researchers said.

According to CheckPoint, IoTroop malware also exploits vulnerabilities in Wireless IP Camera devices from GoAhead, D-Link, TP-Link, AVTECH, Linksys, Synology and others.

At this time it is not known who created this and why, but the DDoS threat landscape is skyrocketing and could reach tens of terabits-per-second in size.

“Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come,” CheckPoint researchers warned.

You need to be more vigilant about the security of your smart devices. In our previous article, we provided some essential, somewhat practical, solutions to protect your IoT devices.


Source : THN

602 Gbps! This May Have Been the Largest DDoS Attack in History

Cyber attacks are becoming a worse nightmare for companies day by day, and the Distributed Denial of Service (DDoS) attack is one of the favorite weapons hackers use to temporarily suspend the services of a host connected to the Internet.

Until now, nearly every big website has been a victim of this attack, and the most recent ones were conducted against the BBC’s websites and Republican presidential candidate Donald Trump’s main campaign website over this past holiday weekend.

Of the two, the largest DDoS attack in history was carried out against the BBC website: over 600 Gbps.

Largest DDoS Attack in History

The group calling itself New World Hacking claimed responsibility for taking down both the BBC’s global website and Donald Trump’s website last week.
The group targeted all BBC sites, including its iPlayer on-demand service, and took them down for at least three hours on New Year’s Eve.
At the time, the BBC news organization announced that the outage was caused by a “technical” fault, but it later stated that the “New World Hacking” group had claimed responsibility for launching a DDoS attack against the BBC, as a “test of its capabilities.”

BangStresser DDoS Attack Tool

One of the members of the New World Hacking group, who identified himself as Ownz, claimed that the group used its own tool, called BangStresser, to launch a DDoS attack of up to 602 Gbps on the BBC’s website.

As proof, the group provided ZDNet with a screenshot of a web interface that was allegedly used to attack the BBC website.
Although the authenticity of the screenshot has not been verified, if the attack size is proven true, it would vastly surpass the largest DDoS attack record of 334 Gbps, recorded by Arbor Networks last year.
The recent massive DDoS attack apparently used two Amazon Web Services servers. Amazon has previously claimed that it employs a large number of automated detection and mitigation techniques in order to prevent the misuse of its services.
“We have our ways of bypassing Amazon,” said Ownz. “The best way to describe it is we tap into a few administrative services that Amazon is use to using. The [sic] simply set our bandwidth limit as unlimited and program our own scripts to hide it.”
More details about the attack have not yet been disclosed, but Ownz claimed that the group's main purpose in developing the BangStresser DDoS tool is to unmask ISIS and possibly end its online propaganda.
“We have been taking down ISIS websites in the past,” said Ownz, “this is just the start of a new year.”
A similar group named Lizard Squad conducted a marketing campaign to promote its DDoS tool, known as the Lizard Stresser, which the group used to take down Sony’s PlayStation Network and Microsoft’s Xbox Live last year on Christmas Eve.

Indian hackers ‘pay back’ Pakistan for 26/11

A Pakistani government website hacked by an Indian hacker.

Team Indian Black Hats hacked around ten Pakistani websites, including a high profile Pakistan government website.

A group of Indian hackers, calling themselves the Indian Black Hats, have launched a symbolic cyber attack against Pakistan for the 26/11 Mumbai attacks, by hacking into two government sites and around 10 non-government domains on Thursday, the fourth anniversary of the terror attacks.

According to one of the hackers, the attack, which began in the wee hours of Thursday, was led by ‘team Indian Black Hats’, a group of like-minded hackers from across the country. The same team was in cyber space from 2011 to 2013 under the name Indian Cyber Devils and, after a brief lull during which members continued to be active with various other hackers’ groups, had revived itself from January 2015.

The websites that the Indian Black Hats hacked till evening on Thursday were www.csd.gov.pk and www.mona.gov.pk, while a variety of non-government domains, including www.metroshoes.com.pk, were hacked by the Black Hats as well. The “attack” was launched as a tribute to the martyrs of 26/11, they said, adding that the “payback” was still on.

Incidentally, a similar group, Mallu Cyber Soldiers, had earlier hacked several Pakistani government websites in retaliation for an attack by Pakistani hackers on the Kerala government’s website in September, apart from mounting a cyber war of sorts against websites that allegedly were part of online prostitution rackets.

Aamir Khan Website Taken Down By DDoS Attack

It’s been a bad weekend for Aamir Khan. Today his website http://aamirkhan.com was down much of the day after a dedicated distributed denial-of-service (DDoS) attack by online attackers, which left the website inaccessible to users.

Aamir Khan (born Mohammed Aamir Hussain Khan on 14 March 1965) is an Indian film actor, director, producer, television personality, social worker, screenwriter and philanthropist. Through his successful career in Hindi films, Khan has established himself as one of the most popular and influential actors of Indian cinema. He is the recipient of numerous awards, including four National Film Awards and seven Filmfare Awards. He was honoured by the Government of India with the Padma Shri in 2003 and the Padma Bhushan in 2010.

Bollywood superstar Aamir Khan said at the Ramnath Goenka Awards function that there has been an increased sense of despondency over the past 6-8 months and that he was alarmed by it. He also said that his wife Kiran Rao had suggested that they should move out of the country as she feared for the safety of her children.

At the time of writing this post, the website is still not accessible due to DDoS attacks and is displaying this message:

[Image: Aamir Khan DDoS]