This new botnet, called IoTroop, was first detected in September end as tons of attempts were made by the hackers to exploit different vulnerabilities present in Wireless IP Camera devices from the makers like GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys, Synology, etc.
As per Check Point’s estimates, till now, more than a million organizations have been already infected by IoTroop. At the moment, it looks like it’s busy collecting its army to prepare for the final DDoS assault.
If we compare IoTroop to Mirai, both are computer worms that spread on their own from one device to another. While it seems like IoTroop could be using Mirai’s open source code, nothing could be said with certainty.
According to security firm Netlab 360, which chooses to call the botnet “Reaper,” the malware is designed to spread more deliberately than Mirai. It performs its actions more stealthily to stay away from different security tools.
“It is too early to assess the intentions of the threat actors behind it, but it is vital to have the proper preparations and defense mechanisms in place before an attack strikes,” according to the Check Point report.
At the moment, it’s advisable to go through Netlab’s security advisory for Reaper and find links to patches made available by vendors. Check Point too has some useful information on their blog.
What are your thoughts on current IoT security scenario? Don’t forget to share your views and security tips with us.