The IoT botnet is expected to spread faster than Mirai.
A new IoT botnet dubbed IOTroop is expected to spread faster than Mirai because it has infected more than 1 million organizations since its discovery in late September, according to Check Point Software Technologies, which made the discovery.
IOTroop’s malware seeks out vulnerabilities in wireless IP camera devices, such as GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys, Synology, and others. “The malware is able to spread faster than Mirai for it leverages numerous vulnerabilities, rather than only compromising devices that use default credentials,” says Maya Horowitz, Check Point’s group manager of Threat Intelligence.
Although IOTroop shares some technical aspects with Mirai, Check Point stresses it is a new botnet with a far more sophisticated attack campaign. IOTroop, for example, uses the Internet of Things devices that it infects to scan additional devices and report back to the command and control server with its findings, Horowitz says. This helps IOTroop to accelerate the speed that it spreads, she notes. IOTroop takes advantage of users’ failure to patch existing vulnerabilities in their IoT devices, and also the ability to launch its malware without human interaction.
Read more about IOTroop here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio