Slyck.com
 
Slyck Chatbox - And More

New, More-Powerful IoT Botnet Infects 3,500 Devices In 5 Days

What's happening in the world of technology related to hardware. Please submit stories for this forum here.
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

New, More-Powerful IoT Botnet Infects 3,500 Devices In 5 Days

Postby sunnyd » Tue Nov 01, 2016 6:16 pm

Story : http://arstechnica.com/security/2016/11/new-iot-botnet-that-borrows-from-notorio





There's a new, more powerful Internet-of-things botnet in town, and it has managed to infect almost 3,500 devices in just five days, according to a recently published report.

Linux/IRCTelnet, as the underlying malware has been named, borrows code from several existing malicious IoT applications. Most notably, it lifts entire sections of source code from Aidra, one of the earliest known IoT bot packages. Aidra was discovered infecting more than 30,000 embedded Linux devices in an audacious and ethically questionable research project that infected more than 420,000 Internet-connected devices in an attempt to measure the security of the global network. As reported by the anonymous researcher, Aidra forced infected devices to carry out a variety of distributed denial-of-service attacks but worked on a limited number of devices.

Linux/IRCTelnet also borrows telnet-scanning logic from a newer IoT bot known as Bashlight. It further lifts a list of some 60 widely used username-password combinations built into Mirai, a different IoT bot app whose source code was recently published on the Internet. It goes on to add code for attacking sites that run the next-generation Internet protocol known as IPv6.

The best-of-breed approach "is driving a high infection speed of Linux/IRCTelnet (new Aidra) so it can [infect] almost 3,500 bot clients within only five days from the moment its loader was first detected," a researcher who goes by the handle Unixfreakjp wrote in a blog post reporting on the new malware. "To incarnate a legendary botnet code into a new version that can [target] the recent vulnerable threat landscape is really inviting more bad news."







Follow Slyck on Twitter @SlyckDotCom
Join Slyck's Facebook Fan Page
sunnyd
 
Posts: 30027
Joined: Mon Jan 21, 2008 2:34 pm

Return to Tech/Hardware News

Who is online

Users browsing this forum: No registered users and 1 guest

© 2001-2008 Slyck.com