Security firm eScan has discovered a new vulnerability that specifically targets IoT devices. Called ‘Reaper’, the IoT botnet can be considered as a variant of Mirai, but is more lethal in nature when it comes to cyber attack.
Reaper shares similar features like Mirai, however, the botnet is capable of exploiting loopholes related to the internet connection. eScan warns that the new IoT botnet has been growing in the dark for over a month now, and is slowly spreading worldwide. The botnet’s target are corporate firms from various global industries.
Mirai attempts to connect to IoT devices using telnet protocol with the help of default or weak passwords to take control of the device. Reaper, on the other hand, is more sophisticated in its attack, and uses exploitations on unpatched devices to overpower. The firm further explains that the botnet can continue growing, and connect to all types of criminal activities. It has been already proliferating among multiple devices connected to million others. It has already been found taking control of IoT devices including routers and IP cameras, from companies such as D-Link, TP-Link, Netgear, and Linksys. ALSO READ: CERT-In issues warning after reports of massive cyber attack worldwide
In order to thwart being a victim of Reaper, you could consider password upgradation as a preventive measure. For organizations and individuals, it is crucial to ensure all devices connected to the internet are running the latest firmware versions with security patches included. ALSO READ: Before WannaCry and Judy, these 5 malware attacks wreaked havoc globally
To keep IoT botnet, or any botnet attacks at bay, organizations should regularly monitor the performance of their network for any suspicious behavior. It is utmost important to ensure all software are running up to date with latest security patches. For employees, it is essential to avoid accessing insecure content on the connect devices or the network that could put the ecosystem at risk. These include phishing emails, downloading unknown attachments or clicking insecure links.
If the network is running at risk of botnet attack, there are some anti-botnet tools such as firewalls and antivirus software which can aid in detection and removal of malicious software. Lastly, if the device falls victim to the attack, it requires shutting down of the control and command (C&C) server that controls the botnet. ALSO READ: India has talent, tools yet can’t tackle big cyber attacks: Report
The warning arrives in light of the Indian Computer Emergency Response Team (CERT) announcing that a DDoS-like attack is being readied using Reaper and IoTroop malware, and it is set to take over thousands of machines globally. Confirming the threat, Maharashtra IG (Cyber) Brijesh Singh told The Hindu, “Mirai had acquired five lakh devices. The Reaper malware has already affected two million devices worldwide, and is acquiring 10,000 devices per day. It seems to be targeting CCTV camera systems and Digital Video Recorders connected to the internet.”