2 min read

For rent: An IoT botnet to take down much of the internet

Graham CLULEY

October 24, 2016

Promo Protect all your devices, without slowing them down.
Free 30-day trial
For rent: An IoT botnet to take down much of the internet

Nobody knows for sure who launched a massive Mirai botnet attack against parts of the internet on Friday, but there’s no denying that they made themselves felt.

Hundreds of thousands, if not millions, of devices are thought to have been compromised by Mirai and recruited into the botnet. That botnet was then put to work, launching a distributed denial-of-service attack against the Dyn domain name service that had a dramatic impact on some of the world’s most popular websites, making them inaccessible to many internet users.

gov-tweet
Source: Twitter

Sites affected included Netflix, Spotify, Twitter, Github, and even the UK government.

In a statement Dyn confirmed that it had suffered a “sophisticated attack across multiple actor vectors and internet locations”, and that tens of millions of discrete IP addresses involved in the attack were devices infected by the Mirai botnet.

ddos-hits-websites
Source: reddit.com

And now, as Forbes reports, it has emerged that criminals were offering to sell a week’s worth of access to 100,000 hacked IoT devices for just $7,500 on the dark web at the beginning of October.

iot-botnet-advert
Source: forbes.com

I’m selling spots on one of the biggest botnets in the world. I will show more details proof for only SERIOUS buyers. attack power is around 1tbps [layer4] and around 7million r/s [layer7]

User limited to 50k bots – $4600
User limited to 100k bots – $7500
The price is per week.

The seller claimed that his botnet was based upon the Mirai source code, released publicly just a few days before.

It’s hard to imagine that some criminals won’t feel that that’s a small price to pay for the potential profit they might be able to extort out of their targets.

And, it’s worth bearing in mind, that we all have our part to play in protecting the internet from attacks like this. Botnets like Mirai are built on the shoulders of poorly-secured IoT devices like those produced by Sierra Wireless, compromised because they contain vulnerabilities or are connected to the public internet using default passwords.

Where possible, change the passwords used to access your IoT devices remotely, and apply any security patches which are available.

Meanwhile, websites which fear they might be at risk from similar attacks involving their DNS providers may be wise to build some mitigation in right now – adding additional DNS providers just in case one (like Dyn) goes down.

If you want to better secure all of your home”s connected devices against IoT threats, be sure to check out Bitdefender BOX.

tags


Author


Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like

Bookmarks


loader