Hacker Selling Hacked IoT Botnet for DDoS Attacks up to 1Tbps

If you thought darknet is all about drugs, ransomware or stolen data think again — Hackers are selling DDoS botnet on the darknet which means it’s now a business.

Last Friday was a huge setback for various web services including Twitter, Paypal etc. Nevertheless, it has recently been discovered that a group of hackers is selling hacked IoT devices (DDoS botnet) that can launch a full-fledged DDoS attack on the entire web. This could be ten times bigger the size we witnessed on Friday.

Also Read: Hackers take over security camera; live stream girls’ bedroom on Internet

The apocalyptic onslaught: According to Forbes, a darknet forum has been selling hacked IoT devices with 180,000 bots that can allegedly carry DDoS attacks up to 1 Tbps. The price for 50,000 bots has been set to $4600 whilst 100,000 bots are available for $7500. Remember, Internet’s largest ever DDoS attack was 1 Tbps conducted on OVH hosting through Mirai botnet and 145,000 hacked IoT devices but at this time it is unclear if the botnet for sale has any connection with Mirai botnet or it took any part in the DDoS attack on Dyn servers.

Screenshot from the dark net forum where hackers are selling the botnet

What is a DDoS attack

A DDoS attack is basically the influx of traffic pushed into the servers of a target website. Therefore, the user cannot access a website through that service provider and the entire system goes down. However, when it comes to the listing on the darknet researchers say that this is the first they have seen such IoT botnet being sold out in this way.

How to protect your IoT devices from hackers

In a conversation with Chief Science Officer for Morphisec Mr. Mordechai Guri, HackRead was told that hackers prefer IoT devices due to the fact that they are connected with the Internet and secondly most customers never change default passwords for their devices.

“IoT devices in general are the perfect platform for attackers to issue DDoS attacks. First, they are have full Internet connectivity – most of the time they remain idle, hence can be easily abused for DDoS purposes. Secondly, IoT devices, due to their diversity and complexity, have almost no in-device security products installed (e.g., Anti-Virus). Consequentially, attackers can easily spread their bot on IoT devices, without being detected for a long time. Thirdly, they are prevalent, so botnets on IoT devices in the future may consist of many millions of bots. Finally, such an attack is difficult to mitigate, as most IoT devices are embedded systems. Unlike ordinary PCs, removal of malware from IoT devices is a challenging issue in itself,” said Guri.

We at HackRead are working on an in-depth article that will highlight key features about protecting your IoT devices however for now if you own an IoT device change its default login credentials. Just yesterday, Chinese company Hangzhou Xiongmai recalled its devices after the involvement of its webcam was confirmed in Dyn DDoS attack.

Also Read: Brian Krebs site hit with 665 Gbps DDoS attack; Largest Internet has ever seen

In a statement, Xiongmai blamed customers for not changing default login credentials of their devices. So take notes on the issue and change your device’s default login credentials asap.

Related Posts