Hacking, Hacking Tools

Reaper botnet leverages millions of IoT devices

Just in time for Halloween, a growing hacked device botnet named “Reaper” could put the internet in the dark.
“Botnets” consist of vast networks of thousands and even millions of computers that have been infected with malware, enslaving them to do someone else’s bidding. They can be commanded — usually without their owners’ knowledge — to provide the raw computing power to take down websites and launch further cyberattacks.
Reaper is on track to become one of the largest botnets recorded in recent years — and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year’s cyberattack. The botnet has the potential to launch a devastating DDoS attack.
The botnet, dubbed “Reaper” by researchers at Netlab 360, is said to have ensnared almost two million internet-connected webcams, security cameras, routers and digital video recorders (DVRs) in the past month, researchers with the Israeli-based firm Check Point says — and the number is growing at a far faster pace than Mirai.
A little over a month ago, researchers at Check Point and Qihoo 360 came across a fast-growing Internet of Things (IoT) botnet, which the Qihoo researchers are calling the botnet IoT_reaper. Now, just weeks later, it’s on track to become one of the largest botnets recorded in recent years.
“Our research suggests we are now experiencing the calm before an even more powerful storm,” they warned last week. “The next cyber hurricane is about to come.”
Reaper borrows some code from the Mirai botnet, with one key difference: it doesn’t try to crack weak passwords — it simply exploits IoT device vulnerabilities.
The Qihoo researchers say they’re tracking multiple command and control (C2) servers for the botnet, just one of which is leveraging more than 10,000 active bot IP addresses per day.
At the same time, they note, “there are millions of potential vulnerable device IPs being queued into the C2 system waiting to be processed by an automatic loader than injects malicious code to the devices to expand the size of the botnet.”

Source : EHackingNews

Previous ArticleNext Article
Send this to a friend