Hackers Prepping IOTroop Botnet with Exploits

DooKey

According to Threatpost, hackers are getting closer to launching full-scale DDoS attacks using millions of IoT devices that have been herded into the botnet known as Reaper or IOTroop. Hackers are swapping scripts on forums that can scan the internet for vulnerable IoT devices. This is getting serious, folks. Make sure you update all the devices you can so you can hopefully protect your devices against these script kiddies.

The IOTroop malware targets poorly protected connected devices such as routers and wireless IP cameras manufactured by D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys, Synology and GoAhead. But because IOTroop doesn’t just exploit default credentials to compromise devices, as did Mirai, it has the potential to do more damage exploiting nearly a dozen vulnerabilities.
 
Here comes the internet apocalypse.

If you have a person you know that can't put down their devices....might want to put them in a cage now...lol

Remembering Xbox One launch with lizard blasting Microsoft
 
So what does the aftermath of an attack like this look like? Can the attempted communication to these devices be blocked at ISPs or level 3 if this gets completely out of hand or is it going to be worse than that like as in automatically disabling individual internet accounts until the affected devices are removed from the network?

Can the traffic be effectively stopped?
 
Linksys just released a series of firmware updates in mid October for their routers that have "enhanced security" in the release notes.
 
This would be less likely if they didn't design all of these devices to connect to an external "cloud" service.

I'm all for technologically enhanced homes, but why can't we keep these devices fully behind our firewalls? There is no need for my thermostat to contact the mother ship. It should be able to work locally only.
 
When I'm asked why our DAQ suddenly would go haywire with some wild, previously-unseen bug, I would sometimes joke that it became self-radicalized.

It's strange, but there is a parallel with these IoT's, in that, similar to a terrorist recruit, they're reprogrammed and enlisted for malevolent purposes.
 
It is amazing how many places I go where after I connect to the Wi-Fi, I am able to get full access to the router using default credentials.

I used to rename the SSID at one of my favorite bars with playful joke names to encourage them to change the password. Even after I changed the SSID to "Change your password" or something like that, they still didn't get it...

Some people aren't too bright.
 
I used to rename the SSID at one of my favorite bars with playful joke names to encourage them to change the password. Even after I changed the SSID to "Change your password" or something like that, they still didn't get it...

Some people aren't too bright.

Yeah, I generally don't mess with them but I've been tempted. Some of them are businesses... :eek:
 
We have a tech industry that is advertising and selling products that really need a secure environment to operate safely, yet expect full unfettered access to the Internet. Most customers buying these gizmos have no idea that they even need to consider network security. Most think that if they have their OS and AV set for auto update, they are good. The complexity of home networks is approaching what mid-sized businesses had a few years ago (maybe not yet in number of devices but in the number of different services they use), yet a lot of the consumer grade routers have firewall abilities still rooted in the era of port forwarding to make game servers work and not much else. And no one is attempting to educate the end purchaser of these gizmos how to connect them responsibly.

So yes, we are most likely boned.
 
When are they going to enable this? I wanna be at BestBuy when it happens.

If it's anything like the 90s hacker movies, the blenders in Kitchen Appliances are going to sound off and play a song in unison.
 
Yeah, I generally don't mess with them but I've been tempted. Some of them are businesses... :eek:

I always use my own LTE connection. If they can't even set passwords to their routers how can you trust their connection in the first place?
 
Actually, contacting the mother ship is the reason why the product was created in the first place: as a means to spy on your life.

Understood.

All I want is an Enterprise style BMS (Building Management System) but for the home, where I have a VM running on my server that controls the thermostats, etc, and has no need for an external cloud connection. If I want to control my thermostat remotely, I'll forward a port on my router.
 
Since the article is from Kaspersky Labs, and they could be the hackers (or worse), how does one trust the information?
 