Items tagged with botnet

A full-blown Skynet situation might be the thing of science fiction (we hope, anyway), but that doesn't mean bizarre things involving machines can't happen. As proof of this, Verizon teased an entry in its upcoming 2017 Data Breach Digest that describes a recent DDoS attack on an unnamed university involving vending machines, light bulbs, and 5,000 Internet of Things (IoT) devices. As with many DDoS attacks involving IoT devices, this one is the result of system administrators being a little too lax with security on these seemingly benign devices. The university in question dismissed complaints... Read more...
  Just yesterday, we posted a story concerning printer security and how we should take it more seriously given IoT botnets that are swooping across the globe (namely Mirai), along with the sensitive data and documents these machines are custodians of. Today’s printers have relatively potent processors, complex operating systems and of course connect to the internet, to enable remote printing and firmware updates (among other things). Unsurprisingly, though the timing is impeccable, a hacker by the name of Stackoverflowin’ just made the case for increased security with it comes to printers.... Read more...
Now might be a good time for Netgear to start doubling down on security for its networking products. The folks over at Trustwave found that 31 Netgear router models are susceptible to a security vulnerability that exposes the devices’ web GUI password to nefarious parties. More specifically, an attacker is able to take advantage of a router’s password recovery system in order to obtain login credentials, granting full access to the device. Needless to say, this is huge security oversight that could have wide-ranging implications for affected routers. “After few trials and errors trying to reproduce... Read more...
Like a massive army of Storm Troopers willing to follow devious commands, a pair of researchers from the University College London warn that a "large number of Twitter users are bots" that are ready to "contaminate the Twitter API stream." There are more than 350,000 in all, comprising what the researchers have named the Star Wars botnet. It has been dormant and "well hidden" since it was created in 2013. Juan Echeverria, a research student at UC London, and his supervisor and senior lecturer Shi Zhou outlined the threat in a research paper that is awaiting approval in a scientific journal. The... Read more...
The Mirai botnet started making waves publicly during the fall of 2016 with a high-profile DDoS attack on the security site KrebsOnSecurity. The DDoS attack, which was at the time the largest on record, pummeled the site with 620 gigabits per second of traffic. Since that time, Mirai has “zombified” hundreds of thousands of IoT devices, sucking them into the botnet at an alarming rate to attack other high-profile targets. Considering that Brian Krebs, who runs KrebsOnSecurity, was directly affected by Mirai (and lost his cloud service provider, Akamai, as a result), it’s almost poetic that he is... Read more...
Large scale distributed denial of service (DDoS) attacks powered by thousands and sometimes millions of Internet of Things (IoT) devices that have been turned into a massive botnet is something that content delivery networks (CDNs) and service providers must be prepared for in 2017. Lest anyone thinks otherwise, yet another "huge DDoS" assault was reported before the end of this year, this time from Incapsula, which fended off the largest attack to date on its network. With ten days to go before 2016 is in the rear view mirror (along with all of the celebrities it took), Incapsula found itself... Read more...
Over the past few months, we’ve witnessed the Mirai botnet wreak havoc with IoT devices like consumer webcams, DVRs and security cameras. These often budget-minded devices were often equipped with insecure software or employed security countermeasures that were easily overpowered. However, we’re learning today that it isn’t just cheap consumer devices that are susceptible to attacks — even high-end equipment can be compromised if a hacker has enough motivation to dig for exploits. Such is the case with Sony’s professional grade IPELA Engine IP cameras. According to SEC Consult, a backdoor was found... Read more...
900,000 Deutsche Telekom customers in Germany were hit with an internet outage beginning on Sunday, and IT analysts have concluded that the company was the victim of a hacker attack. The 900,000 affected customers make up roughly 4.5 percent of Deutsche Telekom’s 20 million fixed-line customers.It is believed that the hackers used malicious software known as Mirai. Mirai turns network devices into remotely-controlled “bots” that can be used to launch attacks and target other victims. Remote interfaces allow network technicians to fix customers' routers from far away, but are also susceptible to... Read more...
We recently witnessed a new and disturbing trend in cyber security and that is the widespread hacking of Internet connected devices to initiate DDoS attacks on an unprecedented scale. That is the method that made possible the Mirai botnet that targeted security expert Brian Krebs and his security blog with 620 gigabits per second of traffic, which at the time was a record. It is also what's causing a surge in DDoS attacks, as noted by content delivery network (CDN) Akamai. The CDN made its findings known in a recent security report compiled with data gathered from its intelligence platform. In... Read more...
On Friday, DNS provider Dyn was walloped by a massive DDoS botnet attack which slowed down or completely sidelined major websites like Amazon, Twitter, and The New York Times. The attack was carried out using improperly configured Internet of Things (IoT) devices that were zombified by Mirai malware. In this particular case, however, the majority of the IoT devices used in the botnet were webcams made by China-based XiongMai Technologies. "It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States," said Flashpoint... Read more...
Earlier this morning, we reported on the troubling news that the source code for the Mirai IoT DDoS botnet is now out in the open. If you recall, Miari is the botnet that was able to flood KrebsOnSecurity with 620 gigabits per second of traffic using a horde of zombie IoT devices (the attack was so devastating that Akamai cancelled its pro bono hosting arrangement with Brian Krebs). However, with Mirai source code now out for anyone to take advantage of, we may be seeing even more wide-scale DDoS attacks taking place in the future. And while KrebsOnSecurity might not exactly be a site that you... Read more...
Well, this isn't good. The source code for the botnet that took KrebsOnSecurity down by tapping into an unprecedented number of Internet of Things (IoT) devices has been released to the public. It's availability virtually ensures that distributed denial of service (DDoS) attacks equal in size or even larger will follow, creating financial headaches and service disruptions for companies both big and small. Brian Krebs, a renowned security expert and author of the aforementioned blog, recently found his website the target of one of the largest DDoS attacks in history. The massive attack brought in... Read more...
The web is becoming the wild, wild west all over again it seems. You could argue the Internet's always been a potentially dangerous place, but with the proliferation of smart devices becoming increasingly commonplace, cybercriminals now have more points of entry into home networks than ever before. Smart home automation gadgets collectively comprise much of what's referred to as the Internet of Things (IoT), and just like your PC, they can be silently hijacked and enlisted into a botnet, a malicious network of systems under the control of a foreign party. Individually, all these smart lighting,... Read more...
There are two Dorkbots. One is a nerdy group of organizations that sponsor grassroots meetings of artists, engineers, designers, scientists, inventors, and anyone else involved in electronic art. Their motto is "people doing strange things with electricity," and they're cool. We like them. They're not affiliated with the other Dorkbot, which is the name of a botnet that the FBI just broke up.Despite the goofy name, Dorkbot was no laughing matter. Security researchers have been tracking Dorkbot for more than four years, during which time it's grown to infect over 1 million Windows PCs spread across... Read more...
1 2 Next