Researchers at Incapsula have discovered a botnet that runs on compromised CCTV cameras. There are hundreds of millions, if not billions, of these in the field, and like many Internet of Things devices, their security is an afterthought and not fit for purpose.
The botnet that Incapsula discovered was being used to direct HTTP flood attacks at 20,000 requests per second, originating from 900 CCTVs all over Earth. The researchers have identified another botnet running on network attached storage devices.
While the botnets running on these devices don't harm their owners very much (apart from using up some of their bandwidth), the fact that cameras aimed at potentially sensitive locations and drives holding sensitive data are being compromised at scale by Internet-based attackers suggests some ways in which the owners of these devices could also be victimized by their lack of security.
All compromised devices were running embedded Linux with BusyBox—a package of striped-down common Unix utilities bundled into a small executable, designed for systems with limited resources.
The malware we found inside them was an ELF binary for ARM named (.btce) a variant of the ELF_BASHLITE (a.k.a. Lightaidra and GayFgt) malware that scans for network devices running on BusyBox, looking for open Telnet/SSH services that are susceptible to brute force dictionary attacks.
CCTV Botnet In Our Own Back Yard [Ofer Gayer, Or Wilder, Igal Zeifman/Incapsula]
I’m making the final(ish*) stop of my Walkaway tour at Defcon this weekend in Las Vegas, giving a speech on Saturday in Track 2 at 10AM called $BIGNUM steps forward, $TRUMPNUM steps back: how can we tell if we’re winning?, followed by a book-signing at the No Starch Press table in the exhibitors’ hall.
Common Remote Access Trojan (RAT) tools — which allow hackers to remotely control hijacked computers, from the cameras and mics to the hard-drive and keyboard — are very badly written and it’s easy to hijack computers running the “command and control” components that malicious hackers use to control RATted systems.
The European Court of Justice has ruled that the 2014 EU-Canada passenger name record (PNR) agreement was “incompatible with the fundamental rights recognised by the EU,” because the records (“names, travel dates, itineraries, ticket and contact details, travel agents and other information”) were used for purposes “beyond what is strictly necessary for the prevention and […]
If you often find yourself far away from AC power, or just want to guarantee that you’ll have GPS access on your next camping trip, the SolarJuice External Solar Battery is an excellent companion for outdoor adventures. It’s currently available in the Boing Boing Store for $59.99.The SolarJuice has a 26,800 mAh battery capable of […]
Between election hacks, ransomware, and Devil’s Ivy, the cybersecurity space is booming as malware and hackers become more sophisticated. If you’re interested in pursuing a career in ethical hacking, or just want to secure your own devices, The Super-Sized Ethical Hacking Bundle is a great resource.In this bundle, you’ll learn the fundamental skills of ethical hacking, prepare […]
The TREBLAB X11 Earphones are versatile, offer great sound, and are currently $32.99 in the Boing Boing Store.These Bluetooth earbuds are a great workout companion. They’re totally sweat proof and their ear-fins keep them snugly in place during high activity — something that Apple’s AirPods can only do if you were blessed with precisely the […]