When security firm Sucuri investigated the source of a 50,000-request/second DDoS attack on a jewelry shop, they discovered to their surprise that the attacks originated on a botnet made of hacked 25,500+ CCTV cameras in 105 countries.
These Internet of Things cameras were typical of IoT devices in that they ran with next to no security and inadequate patching systems. What's more, since they were always on and designed to transmit data over the public internet, they were especially powerful members of the botnet.
Sucuri researchers queried a sampling of the boxes and found that all of them showed they were running what was called the "Cross Web Server" that had a default Web page titled "DVR Components." The researchers later found the malicious IPs contained the company logos of resellers of CCTV services and that all the devices were running BusyBox, a collection of Unix-based utility tools that run on embedded devices. To make it harder to block the attack, the malicious devices had been programmed to emulate normal browser behavior by displaying a variety of common user agents, such as those associated with the Chrome, Internet Explorer, and Safari browsers. The hacked devices also displayed "referrers" falsely showing they had most recently visited sites including Engadget, Google, and USA Today.
Large botnet of CCTV devices knock the snot out of jewelry website
[Dan Goodin/Ars Technica]
(Image: Different Types of Cctv Cameras, Tamasflex, CC-BY-SA)
“If there are no consequences for the [UN] agencies for failures like these … there will be more breaches.”
Last spring, a Baltimore underwent a grinding, long-term government shutdown after the city's systems were hijacked by ransomware. This was exacerbated by massive administrative incompetence: the city had not allocated funds for improved security, training or cyberinsurance, despite having had its emergency services network taken over by ransomware the previous hear, and five city CIOs […]
“It is unclear at the current time whether this outbreak can be contained within China”
The dreaded tax season is nearly upon us, and that means it’s time to start the process of gathering all of the expenses that will give you the largest deduction possible. The Quickbooks Pro Desktop Certification Bonus Bundle will help take the headaches out of this miserable processes by teaching you how to use one […]
You don’t need to be a climate scientist in order to know that the Earth is in serious trouble, but the good news is that you also don’t need to necessarily make any drastic changes to your lifestyle in order to do your part to help. This nOcean Wearable Reusable Silicone Straw will help you […]
When it comes to conquering that resolution list and hitting all of your goals in 2020, nothing is more important than getting a great night’s sleep every night so you can wake up feeling refreshed and extra productive. The CarbonIce: 7-in-1 Bacteria Protection & Cooling Pillow will help you do just that, and right now […]