Search This Blog

Powered by Blogger.

Blog Archive

Labels

The rising menace of botnet malware

Malware or malicious computer code has been around in some form or other for over 40 years, but the use of malware to take control of a group of computers that are then organized into something called a botnet is more a twenty-first century phenomenon.

The word botnet is made up of two words: bot and net. Bot is short for robot, a name we sometimes give to a computer that is infected by malicious software. Net comes from network, a group of systems that are linked together. People who write and operate malware cannot manually log onto every computer they have infected, instead they use botnets to manage a large number of infected systems, and do it automatically. A botnet is a network of infected computers, where the network is used by the malware to spread.

Botnets have been responsible for some of the most costly security incidents experienced during the last 10 years, so a lot of effort goes into defeating botnet malware and, when possible, shutting botnets down.

In a very short time, new rapidly expanding Internet of Things  (IoT) botnet malware, more complex and dangerous than the 2016 malicious Mirai bot that caused widespread outages in the US and beyond, has already compromised over a million devices.

In 2016, IoT worm named Mirai infected some 2.5 million gadgets worldwide, building botnets that sent unstoppable floods of junk traffic and took down major internet services including Spotify, Paypal and Reddit.

Mirai impacted IP cameras and internet routers by simply trying default login and password combinations on them. But the new and recently-discovered botnet, known as IoT Troop or, more commonly, Reaper, has evolved beyond that simple tactic — not just exploiting weak or default passwords on devices it infects — but using more sophisticated software-hacking techniques to break into insecure gadgets even after passwords have been changed.

According to Check Point, millions of IoT devices have already beeen enslaved, including routers and IP cameras manufactured by GoAhead, D-Link, TP-Link, Avtech, and others, and the bot continues to rapidly spread.

The device owners should check IoT manufacturer lists of affected gadgets and perform a factory reset on its firmware, if required.


Share it: