Short Bytes: According to a new report, massive IoT botnets are available for sale on TOR-based underground markets. For $7,500, one can get a botnet of 100,000 hacked devices, which is enough to DDoS any major online website or service. A wide range of IoT devices in these botnets are affeced by Mirai malware.
For those unaware of the mischiefs of Mirai botnets, they were used in DDoS attacks on Krebs On Security and OVH hosting provider.
In a surprising development, Forbes has learned that a huge army of hacked Internet of Things (IoT) devices is up on sale on underground criminal forums. The botnet comprises of thousand of hacked computers and smart devices. I know, you’re wondering how much they’ll cost.
You need to spend as little as $4600 for 50,000 hacked devices that are powerful enough to bring down an entire chain of online websites by overwhelming them with tons of data. Spend some more and you can get a botnet of 100,000 zombie devices that are capable of destroying an even bigger network. For a rough comparison–the attack on Dyn DNS, which crippled half of the internet, was carried out by a botnet of 100,000 hacked devices.
The for-sale ad in question was posted to AlphaBay on October 4th, couple of days after the Mirai source code was published. https://t.co/1bSBI9KvFL
— @mikko (@mikko) October 23, 2016
F-Secure chief research officer Mikko Hypponen told in a tweet that botnets are up for sale in the TOR-based Alpha Bay underground market.
“This is the first time we’ve seen an IoT botnet up for rent or sale, especially one boasting that amount of firepower. It’s definitely a worrying trend seeing the DDoS capabilities grow,” said Daniel Cohen, head of RSA’s FraudAction business unit.
At the moment, it’s not known if the botnet for hire was Mirai-related. However, Forbes was able to spot a Mirai-based botnet listing on Alpha Bay. “I can take down OVH easily,” the seller claimed.
This development, once again, highlights the sad state of IoT security that demands our immediate attention. What are your views on this matter? Don’t forget to add your comments.
Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.