In 2016, Mirai botnet shook the cybersecurity world with massive DDoS attacks that took down popular websites, online services, and hosting providers. As per a report from Check Point, a new botnet is evolving at a greater pace and more potential than Mirai. For those who don’t know, IoT Botnets are smart devices that get infected with malware and are controlled by an attacker remotely.
This new botnet, called IoTroop, was first detected in September end as tons of attempts were made by the hackers to exploit different vulnerabilities present in Wireless IP Camera devices from the makers like GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys, Synology, etc.
As per Check Point’s estimates, till now, more than a million organizations have been already infected by IoTroop. At the moment, it looks like it’s busy collecting its army to prepare for the final DDoS assault.
If we compare IoTroop to Mirai, both are computer worms that spread on their own from one device to another. While it seems like IoTroop could be using Mirai’s open source code, nothing could be said with certainty.
According to security firm Netlab 360, which chooses to call the botnet “Reaper,” the malware is designed to spread more deliberately than Mirai. It performs its actions more stealthily to stay away from different security tools.
At the moment, it’s advisable to go through Netlab’s security advisory for Reaper and find links to patches made available by vendors. Check Point too has some useful information on their blog.
Submitted by: Arnfried Walbrecht