Articles about Botnets

Florida Man jailed for 4 years after raking in a million bucks from spam

A marketer who used stolen email accounts to trouser more than a million dollars by spamming people has been sent down for four years. Timothy Livingston, 31, was handed the 48-month term after he pleaded guilty to counts of conspiracy to commit fraud in connection with computers and access devices, conspiracy to commit fraud …
Shaun Nichols, 18 Feb 2017

Battle of the botnets: My zombie horde's bigger than yours

DDoS attacks more than doubled in the last quarter of 2016 compared to the same period the year before. Although the infamous Mirai IoT botnets accounted for many of the most severe attacks, the biggest single assault came from a different zombie network, according to a new study by Akamai out Tuesday. Attacks greater than …
John Leyden, 14 Feb 2017

University DDoS'd by its own seafood-curious malware-infected vending machines

A US university saw its network traffic slow to a crawl thanks to an IoT malware infection that hit, among other things, its vending machines. The unnamed university had its story told by Verizon Enterprise in a sneak preview [PDF] of its 2017 Data Breach Digest report. The story, as told by an also unnamed senior IT staffer …
Shaun Nichols, 13 Feb 2017

Ex-FBI man spills on why hackers are winning the security game

BSidesSF Comfortable illusions about how security is working are crippling the ability of government and industry to fight the threat, a former member of the FBI’s netsec team has told the BSides San Francisco 2017 security conference. Society is operating under the illusion that governments and corporations are taking rational choices …
Iain Thomson, 12 Feb 2017

Trump cybersecurity order morphs into 2,200-plus-word extravaganza

The latest draft of a cybersecurity executive order to be signed by President Trump has become an unusually precise, report-ordering extravaganza. Executive orders – even those signed by Trump – tend to be relatively short and quite vague, with general policy goals listed and expected to be interpreted by others. The new …
Kieren McCarthy, 09 Feb 2017

Suffered a breach? Expect to lose cash, opportunities, and customers – report

More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss. The finding is one of the key takeaways from the latest edition of Cisco's annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing …
John Leyden, 31 Jan 2017

DDoSing has evolved in the vacuum left by IoT's total absence of security

IoT botnets have transformed the threat landscape, resulting in a big increase in the size of DDoS attacks from 500Gbps in 2015 up to 800Gbps last year. Hackers have been able to "weaponise" digital video recorders, webcams and other IoT devices due to inherent security vulnerabilities, according to the DDoS mitigation firm …
John Leyden, 24 Jan 2017

Furby Rickroll demo: What fresh hell is this?

Here's your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes. Hacker Jake Davis, once known as "Topiary" of LulzSec, plucked out the work of Florian Euchner, who pulled apart the Bluetooth variant that toy-maker Hasbro uses to update its "Furby" …

Operator of DDoS protection service named as Mirai author

The author of the massive distributed denial-of-service attack malware Mirai, which ropes infected routers and internet of things devices into remotely controlled armies, is a New Jersey man, according to journo Brian Krebs. On his website this week, Krebs names a chap called Paras Jha, owner of a distributed denial-of-service …
Darren Pauli, 20 Jan 2017

D-Link sucks so much at Internet of Suckage security – US watchdog

America's trade watchdog is suing D-Link, alleging the router and camera vendor failed to implement basic security protections in its gear. The FTC said that its complaint was based on D-Link's failure to take "reasonable steps" to secure its products, putting the privacy of citizens everywhere at risk as a result. "Hackers …
Shaun Nichols, 06 Jan 2017

A year in infosec: Bears, botnets, breaches ... and elections

How often can we say that an IT blunder might have changed the course of world history? Hillary Clinton’s use of a private email server whilst serving as outgoing US President Barack Obama’s Secretary of State became a key element in the US presidential election this year. The FBI investigation around Clinton’s use of a …
John Leyden, 26 Dec 2016

Wassenaar weapons pact talks collapse leaving software exploit exports in limbo

Security researchers face continued uncertainty after talks broke down between US negotiators and 40 other countries over the state of exploit exports. The negotiations concern the Wassenaar Arrangement, an arms-control pact in which members agree to limit the export of certain types of weaponry and "dual-use products." …
Iain Thomson, 21 Dec 2016

DDoS in 2017: Strap yourself in for a bumpy ride

DDoS attacks have been around since at least 2000, and they’re not going away. In fact, as the number of devices online grows, the volume and velocity of these attacks is also increasing. Whole industries have developed around launching and preventing DDoS campaigns as black hats and white hats battle for dominance, and 2017 …
Robin Birtstone, 16 Dec 2016

US think-tank wants IoT device design regulated, because security

Washington DC think tank the Institute for Critical Infrastructure Technology is calling for regulation on "negligence" in the design of internet-of-things (IoT) devices. Researchers James Scott and Drew Spaniel point out in their report Rise of the Machines: The Dyn Attack Was Just a Practice Run [PDF] that IoT represents a …
Team Register, 09 Dec 2016

Mirai variant turns TalkTalk routers into zombie botnet agents

Hundreds of Mirai-infected home routers across the UK are currently acting as DDoS bots. The vast majority (99 per cent) of these 2,398 Mirai-infected devices are TalkTalk routers, according to security researchers at DDoS mitigation firm Imperva Incapsula. “The botnet devices’ geolocation is very uncommon for DDoS botnets …
John Leyden, 08 Dec 2016

Sigh... 'Hundreds of thousands' of... sigh, web CCTV cams still at risk of... sigh, hijacking

Vid Amid ongoing malware infections of IoT gadgets and armies of commandeered gizmos attacking servers, glaring security holes in web-connected CCTV cameras are going unpatched. So say researchers with Cybereason, who claim a pair of high-profile vulnerabilities they spotted in surveillance cams two years ago have been completely …
Shaun Nichols, 07 Dec 2016

CloudFlare warns of another massive botnet, er, flaring up

CloudFlare has warned of another massive botnet that appears to be ramping up and targeting the US West Coast. In a blog post, the content delivery network said it has been watching a flood of attack traffic that started two weeks ago and appears to have been coming from one person testing out its abilities before moving it to …
Kieren McCarthy, 05 Dec 2016

Dyn Dyn Dyn – we have a buyer: Oracle gobbles Internet of Things DDoS victim

Oracle is buying Dyn, the internet infrastructure outfit whose A-list customers were struck by a global DDoS from internet-attached "things" in October. The software giant is buying Dynamic Network Services (Dyn) to speed up cloud computing traffic. Financial terms were not disclosed. Dyn's platform controls and optimises …
Gavin Clarke, 21 Nov 2016

Was IoT DDoS attack just a dry run for election day hijinks?

Comment The distributed denial of service attack that took down DNS provider Dyn, and with it access to a chunk of the internet, was one of the largest such assaults seen. The attack exploited Internet of Things devices – notably webcams built by XiongMai Technologies. The gadgets had default login passwords that allowed them to be …
John Oates, 08 Nov 2016

Universal hijack hole turns DIY Wix blogs into botnets

Millions of do-it-yourself websites built with the Wix web maker were at risk of hijack thanks to a brief zero day DOM-based cross-site scripting vulnerability. Wix boasts some 87 million users, among them two million paying subscribers. Contrast Security researcher Matt Austin (@mattaustin) dug up the flaw he rates as severe …
Darren Pauli, 03 Nov 2016

Melbourne Cup is 'top op for hacked camera DDoS extortionists'

"The race that stops a nation" could also stop betting agencies if the regular barrage of timely distributed denial of service attack (DDoS) extortionists utilise insecure embedded devices, Akamai says. The Melbourne Cup, scheduled for 3pm (AEDT) on Tuesday, is the richest two mile handicap race in the world with prize money …
Darren Pauli, 31 Oct 2016

Divide the internet into compartments to save us from the IoT fail whale

The best way of protecting us from Internet of Things botnets is to compartmentalise the entire internet, Intel’s chief architect for IoT security solutions has said. Sven Schrecker, speaking exclusively to The Register at IoT Solutions World Congress in Barcelona, also branded the potential impact of IoT botnets as ‘“ …
Gareth Corfield, 27 Oct 2016

How many Internet of S**t devices knocked out Dyn? Fewer than you may expect

With more time to analyse its logs, DNS provider Dyn reckons about 100,000 Mirai-infected home web-connected gadgets knocked it out last Friday. In its latest analysis, product executive veep Scott Hilton writes: “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious …

Akamai rides on the botnet's back to US$584 million quarter

Cloud computing security has driven a 6 per cent year-on-year revenue growth for Akamai, up from $US551 million last year to $584 million for Q3 2016. The company's third quarter financial report shows its performance and security business unit turned in $345 million in revenue, 19 per cent higher than for the same quarter in …

Existing security standards are fine for IoT gizmos in electrical grids

IoT World Congress Putting Internet of Things sensors into electricity distribution grids works just fine - and security is catered for by existing broad standards, Luc Hossenlopp, CTO of Schneider Electric’s energy division, told the Internet of Things World Congress today. Addressing a packed auditorium at the Fira de Barcelona conference …
Gareth Corfield, 25 Oct 2016

Today the web was broken by countless hacked devices – your 60-second summary

Updated Today a vast army of hijacked internet-connected devices – from security cameras and video recorders to home routers – turned on their owners and broke a big chunk of the web. Compromised machines, following orders from as-yet unknown masterminds, threw massive amounts of junk traffic at servers operated by US-based Dyn, which …
Chris Williams, 21 Oct 2016

Spam scum ping global blacklists to wreck rep

Malware authors are consulting IP blacklists designed to help fight spam in a bid to avoid detection and increase inbox hit rates. The novel abuse allows malware authors to determine if they have infected clean and benign machines. "This malware is interesting because it contains a hardcoded list of commonly known blacklist …
Darren Pauli, 21 Oct 2016

Sweet, vulnerable IoT devices compromised 6 min after going online

The unpatched Windows XP problem that spawned the Blaster and Sasser worms a decade ago is being replicated on a different platform by hackers exploiting IoT devices to launch denial of service attacks. Two Internet of Things-powered packet floods took down the websites of cybersecurity journalist Brian Krebs and French hosting …
John Leyden, 17 Oct 2016

Dell bundles bundle of systems-bundlers into its IoT van

The Dell EMC borg has chucked a slack handful of systems integrators into its Internet of Things Solutions Partner Program, it says. The routine business decision “is reflective of Dell’s effort to build a holistic ecosystem of IoT solutions that span industries” according to the usual burbling from Dell's PR speakers. The …
Gareth Corfield, 17 Oct 2016

Second hacking group targets SWIFT-connected banks

A second group of hackers – Odinaff – has broken into the SWIFT system, the fulcrum of the global financial payments system. Odinaff were found to be using the same approach as those who stole $81m from the Bangladesh central bank earlier this year. Attacks involving the Odinaff trojan and associated tools appear to have …
John Leyden, 11 Oct 2016

Internet of Things botnets: You ain’t seen nothing yet

Internet of Things (IoT) botnet "Mirai" is the shape of things to come and future assaults could be even more severe, a leading security research firm warns. Mirai powered the largest DDoS attack ever, spawning a 620Gbps DDoS against KrebsOnSecurity. Source code for the malware was released on hacker forums last week. …
John Leyden, 10 Oct 2016

Happy VXers get 400 enterprise-popping apps hosted on Google Play

More than 400 malicious apps from a single attacker have been successfully uploaded to the Google Play store, with one downloaded up to half a million times, Trend Micro malware researcher Echo Duan says. The malware is disguised as various games, phone boosters, and themes that when executed can compromise devices and …
Darren Pauli, 04 Oct 2016

SANS issues call to arms to battle IoT botnets

The SANS Institute is hoping sysadmins can help it to do what vendors won't: improve Internet of Things security. The call comes in the wake of not one but two IoShitT-based botnet attacks – the 600 Gbps-plus slam that sent security publication Krebs on Security from Akamai to Google Shield, and the same botnet escalating to …

Pisspoor IoT security means it'd be really easy to bump off pensioners

Two things are fixed on everyone's minds when it comes to the Internet of Things: security and law. How does industry overcome the threats posed by these two hurdles? Speaking at yesterday's Cambridge Wireless IoT event in London, Max Heinemeyer from Darktrace was all in favour of automating away the security problems. He …
Gareth Corfield, 29 Sep 2016

No wonder we're being hit by Internet of Things botnets. Ever tried patching a Thing?

Internet of Things devices are starting to pose a real threat to security for the sensible part of the web, Akamai's chief security officer Andy Ellis has told The Register. Speaking in the aftermath of the large DDoS against security journalist Brian Krebs, Ellis elaborated a little on the makeup of the botnet which took down …
Gareth Corfield, 27 Sep 2016

35,000 ARRIS cable modems at risk from firmware dumper bot

Hackers have exploited a back door in more than 35,000 ARRIS modems, making off with firmware and certificates, according to security researcher Bernardo Rodrigues. ARRIS makes cable modems and associated home networking kit. It recently shipped a patch to address a 2015 zero day which at the time of disclosure impacted 600,000 …
Darren Pauli, 15 Sep 2016

Suspicious DNS activity runs rife

Nearly half (40 per cent) of enterprise networks tested by security appliance firm Infoblox show evidence of DNS tunnelling. DNS tunnelling is symptomatic of active malware or ongoing data exfiltration within an organisation’s network. Infoblox’s latest quarterly security assessment report (pdf) also measured the prevalence of …
John Leyden, 01 Sep 2016

DDoS, the cloud and you

Private cloud computing can be a useful way to offload some computing overhead and manage your costs effectively. The switch to operating expenses from capital expenses, the elasticity, the business continuity benefits – they're all real. But so are the dangers of DDoS disaster. There's a problem with moving your servers and …
Danny Bradbury, 21 Jul 2016

25,000 malware-riddled CCTV cameras form network-crashing botnet

A massive network of hacked CCTV cameras is being used to bring down computers around the world, we're told. The unusual 25,000-strong botnet was apparently spotted by US security outfit Sucuri when it investigated an online assault against an ordinary jewelry store. The shop's website was flooded offline after drowning in 35 …
Iain Thomson, 28 Jun 2016

Biz networks' DNS troubles

More than four in five (83 per cent) of enterprise networks show evidence of malicious DNS activity. Malware such as botnets, the ZeuS banking malware, distributed denial of service (DDoS) traffic and the CryptoLocker ransomware generated malicious lookup queries picked up in a new study by DNS security specialists Infoblox …
John Leyden, 16 Jun 2016

Digital ad biz is fraudulent by design, complain big brands

Global trade body the World Federation of Advertisers (WFA) has produced a useful guide to the digital ad industry's toxic sludge. The WFA represents the biggest spenders on digital advertising, such as Unilever and MasterCard, and they're not happy. Advertisers lose out from ad fraud, and firms need to clean up their own act …
Andrew Orlowski, 07 Jun 2016

Two plead guilty to stealing personal information of millions

Two men have admitted to running a computer hacking and identity theft scheme which hijacked customer email accounts, stole personally identifiable information (PII) from millions of people, and generated more than $2m in illegal profits. In a press release the US Department of Justice named Tomasz Chmielarz, 33, of Rutherford …
Kat Hall, 03 Jun 2016

Password reuse bot steals creds from weak sites, logs in to banks

The perils of password re-use have been laid bare with the discovery of a botnet dedicated to finding account credentials on websites and testing the logins it finds on banks. The work is clever since it avoids tripping botnet detection and brute force rate limiters in place at most security-savvy banks, but absent across the …
Darren Pauli, 24 May 2016

Android Lollipop sucks at security, says researcher

Skycure security researcher Yair Amit has revealed a chained Android attack path that will greatly enhance attackers' ability to compromise 1.34 billion devices, or 95 percent of those in use. The Accessibility Clickjacking attack exploits flaws in protections for Android's accessibility and draw-over-apps features to allow …
Darren Pauli, 19 May 2016

Malicious Android apps slip into Google Play, top third party charts

Malicious Android applications have bypassed Google's Play store security checks to enslave infected devices into distributed denial of service attack, advertising fraud, and spam botnets. The apps are legitimate games that in some stores outside of Google Play have made it to highly-contested top free games charts. …
Darren Pauli, 17 May 2016

US govt quietly tweaks rules to let cops, Feds hack computers anywhere, anytime

On Thursday, the US Supreme Court approved a change to Rule 41 of the Federal Rules of Criminal Procedure. It sounds innocuous, but the effects will be felt around the world. Under today's rules, US cops and FBI agents need to know where a computer is before they can get a warrant to directly hack the machine – because they …
Iain Thomson, 29 Apr 2016

SpyEye duo behind bank-account-emptying malware banged up

A two-man team responsible for spreading the SpyEye malware that caused more than a billion dollars in financial hardship is now starting extended sentences in American prisons. The malware's author – Aleksandr Panin, 27, of Tver, Russia – was sent down for nine years and six months by United States District Court Judge Amy …
Iain Thomson, 21 Apr 2016

Swedish military unwittingly helped hose US banks in 2012/2013

Sweden's military has told a newswire that its servers were used in a 2012/2013 attack on American banks. The report from Agence France Presse (AFP) quotes military spokesperson Mikael Abramsson, who told the agency, "The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to …

DNS root server attack was not aimed at root servers – infosec bods

The internet's root servers were not the target of a distributed denial-of-service (DDoS) attack in December which for a short time took out four of the 13 pillars of the global network. That's according to two security researchers who will present their findings at a conference in Argentina on Friday. Instead, they conclude …
Kieren McCarthy, 29 Mar 2016

US charges Iranians with hacking into an NY dam, blasting banks offline

The US Department of Justice (DoJ) has charged seven Iranian hackers over a string of high-profile distributed denial-of-service (DDoS) attacks against banks. The seven allegedly worked with Islamic Revolutionary Guard Corps-affiliated entities to run a coordinated campaign of cyber attacks against the US financial sector. One …
John Leyden, 24 Mar 2016