The Next Cyber Hurricane Is Coming And It’ll Take Down The Internet

by Mac Slavo | Oct 24, 2017 | Conspiracy Fact and Theory, Emergency Preparedness, Experts, Headline News | 33 comments

[dipl_text_animator animated_text=”Do you LOVE America? | Do you WANT our borders secured? | Don’t miss on the latest news | Subscribe and stay informed!” animation_layout=”zoom” animation_time=”740ms” animation_hold=”5010ms” _builder_version=”4.24.0″ _module_preset=”default” global_text_settings_text_align=”center” global_text_settings_text_color=”#FFFFFF” global_colors_info=”{}”][/dipl_text_animator]
[contact-form-7 id=”6521033″ title=”Article Subscribe”]

Share

botnet mit bot herder 3D

Last year, the botnet Mirai caused a massive distributed denial-of-service (DDoS) attack in October, knocking popular websites off the internet for millions of users. Right now, the next cyber hurricane is on the way, and it could take down the entire internet.

According to ZD Net, the botnet, dubbed “Reaper” by researchers at Netlab 360, is appearing on the radar of security researchers.  A little over a month ago, the researchers detected the sizable botnet of infected Internet of Things (IoT) devices. Now, just weeks later, it’s on track to become one of the largest botnets recorded in recent years.

The botnet is said to have ensnared almost two million Internet-connected webcams, security cameras, and digital video recorders (DVRs) in the past month, says Check Point, which also published research, putting its growth at a far faster pace than Mirai.

Mirai was “beautifully simple,” said Ken Munro, a consultant at UK-based security firm Pen Test Partners. The malware would scan the internet and infect connected devices with default usernames and passwords, which either weren’t or couldn’t be changed by the owner. The collective bandwidth from the huge number of “zombie devices” that were infected and enslaved was directed at Dyn, an internet infrastructure company, which overloaded the company’s systems and prevented millions from accessing popular websites.

Reaper, on the other hand, is much more complex. It’s “what Mirai could easily have been,” said Munro. It takes a slightly different, more advanced approach by quietly targeting and exploiting known vulnerabilities in devices and injecting its malicious code. This effectively hijacks the device for whenever the botnet controller is ready to issue their commands. Each time a device is infected, the device spreads the malware to other vulnerable devices just like a worm.

Mirai was much more aggressive too. It ran each device against a list of known usernames and passwords, but Reaper, by comparison,  is “not very aggressive,” said Netlab. By targeting a known vulnerability, the botnet can swiftly take control of a device without raising any alarms. “One of the reasons Mirai didn’t achieve its full potential is that the compromise didn’t persist beyond a reboot,” said Munro. “Hence, multiple botnet herders were competing for control of the compromised DVRs that comprised it, so the huge botnet it could have been was never built,” he added.

Not only has the botnet gained substantially in size in the past month, it’s capability is also expanding. New exploits have been added to the botnet’s arsenal regularly in recent days, said Netlab. Check Point said 33 devices are vulnerable to attack so far. Researchers have also noted that several known, easy-to-exploit vulnerabilities have not been added to the botnet, raising questions about why some exploits have been added and not others.

But what’s thrown researchers for a loop is that nobody can figure out what the botnet is for.

While the Mirai botnet was a point-and-shoot botnet that could be used to hose systems with vast amounts of bandwidth, Reaper can be used to run complex attack scripts on infected devices. Reaper’s command and control infrastructure is also growing in size, accommodating more infected devices by the day. Netlab said 10,000 bots were under the wing of just one command and control server.

So far, there haven’t been any signs of DDoS attacks yet. The botnet creator (“it appears that one group or individual has control of most of it,” said Munro), is focusing on building the botnet’s size. As it stands, Reaper’s size today could be capable of “creating significantly more DDoS traffic than Mirai,” said Munro. –ZD Net

A breakdown of the Reaper botnet shows that the malware that infects devices allows the botnet owner to remotely execute code on each device, said Alan Woodward, a professor at the University of Surrey. But because each device has such little individual computational power, the code running on each device would have to be harnessed collectively for a larger, coordinated computing task, he said. That could be anything from a DDoS on an internet target, to a much larger kind of attack.

“The aggregation of large numbers of the same Internet of Things (IoT) device leads to systemic issues,” said Munro. “When it’s one device affecting one home, it’s irritating for the consumer, but when it’s a million devices, deeper problems arise. For example, any IoT device that switches a lot of electrical power gives rise to potential to affect the electricity grid. Whether it’s a smart kettle, a smart thermostat switching your air conditioning or solar panels — all switch power,” he said. “Trigger a million devices that switch 3kW concurrently and the power grid fails.”

Researchers keep expecting the botnet to pounce, but it hasn’t yet. What happens next is anybody’s guess.

Jump to comments

[the_ad_group id=”24571″]

URGENT ON GOLD… as in URGENT

It Took 22 Years to Get to This Point

Gold has been the right asset with which to save your funds in this millennium that began 23 years ago.

Free Exclusive Report

The inevitable Breakout – The two w’s

[email-download download_id=”345496″ contact_form_id=”19fc5e7″]

Related Articles

[the_ad_group id=”30340″]

Comments

Join the conversation!

It’s 100% free and your personal information will never be sold or shared online.

Register here

0 Comments

Submit a Comment

Commenting Policy:

Some comments on this web site are automatically moderated through our Spam protection systems. Please be patient if your comment isn’t immediately available. We’re not trying to censor you, the system just wants to make sure you’re not a robot posting random spam.

This website thrives because of its community. While we support lively debates and understand that people get excited, frustrated or angry at times, we ask that the conversation remain civil. Racism, to include any religious affiliation, will not be tolerated on this site, including the disparagement of people in the comments section.

[dipl_ajax_search search_placeholder=”Article Search” display_fields=”on|on|off|off” search_result_box_bg_color=”#870404″ search_icon_font_size=”20px” search_icon_color=”#870404″ loader_color=”#870404″ _builder_version=”4.17.4″ _module_preset=”default” search_result_item_title_font_size=”14px” search_result_item_excerpt_font_size=”11px” border_color_all_form_field=”#870404″ global_colors_info=”{}”][/dipl_ajax_search]

[the_ad_group id=”30343″]

[the_ad_group id=”30344″]

[620studio_custom_posts post_type=”report” columns=”1″ limit=”1″ category_id=”23503″ caption=”no” date=”no” title=”no”]