
A Gigantic IoT Botnet Has Grown in the Shadows in the Past Month

  • October 21, 2017

By Catalin Cimpanu
Researchers from Chinese security firm Qihoo 360 Netlab and Israeli security firm Check Point have spotted and analyzed the botnet as it continued to grow during the past month.
 
Both companies say the botnet uses some code from the Mirai IoT malware, but there are also many new things that make the botnet a standalone threat in its own right.
The biggest difference between Reaper and Mirai is its propagation method. Mirai scanned for open Telnet ports and attempted to log in using a preset list of default or weak credentials.
Reaper does not rely on a Telnet scanner, but primarily uses exploits to forcibly take over unpatched devices and add them to its command and control (C&C) infrastructure.
Netlab says that Reaper, at the time of writing, primarily uses a package for nine vulnerabilities: D-Link 1, D-Link 2, Netgear 1, Netgear 2, Linksys, GoAhead, JAWS, Vacron, and AVTECH. Check Point also spotted the botnet attacking MikroTik and TP-Link routers, Synology NAS devices, and Linux servers.
 
full read here:

2 replies

Jasper_The_Rasper
Moderator
23rd October 2017
 
It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.
 
Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.
 

This graphic from CheckPoint charts a steep, recent rise in the number of Internet addresses trying to spread the new IoT malware variant, which CheckPoint calls “IoTroop.”
 
Full Article.

Baldrick
Gold VIP
  • October 23, 2017
Well, given that few in the IoT developer world are bothering to heed the warnings of the past year and to tighten up their security act, I cannot say that I am surprised. The miscreants were bound to notice and therefore look for easy pickings...much to the detriment of Joe Public. :(
