In 2016, Mirai botnet shook the cybersecurity world with massive DDoS attacks that took down popular websites, online services, and hosting providers. As per a report from Check Point, a new botnet is evolving at a greater pace and more potential than Mirai. For those who don’t know, IoT Botnets are smart devices that get infected with malware and are controlled by an attacker remotely.
This new botnet, called IoTroop, was first detected in September end as tons of attempts were made by the hackers to exploit different vulnerabilities present in Wireless IP Camera devices from the makers like GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys, Synology, etc.
According to security firm Netlab 360, which chooses to call the botnet “Reaper,” the malware is designed to spread more deliberately than Mirai. It performs its actions more stealthily to stay away from different security tools.
“It is too early to assess the intentions of the threat actors behind it, but it is vital to have the proper preparations and defense mechanisms in place before an attack strikes,” according to the Check Point report.
As per Check Point’s estimates, till now, more than a million organizations have been already infected by IoTroop. At the moment, it looks like it’s busy collecting its army to prepare for the final DDoS assault.
If we compare IoTroop to Mirai, both are computer worms that spread on their own from one device to another. While it seems like IoTroop could be using Mirai’s open source code, nothing could be said with certainty.
At the moment, it’s advisable to go through Netlab’s security advisory for Reaper and find links to patches made available by vendors. Check Point to has some useful information on their blog.
What are your thoughts on current IoT security scenario? Don’t forget to share your views and security tips with us.