Mirai Variant Targets Financial Sector With IoT DDoS Attacks

Researchers said a Mirai botnet variant, possibly linked to the IoTroop or Reaper botnet, was leveraged in attacks against the financial sector. Continue reading Mirai Variant Targets Financial Sector With IoT DDoS Attacks

Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’

The authors of a sophisticated strain of malware that’s been attacking internet of things devices are almost certainly Chinese and could be connected to a Beijing-linked cyber-espionage group believed behind the Anthem health insurance hack, according to new research. Check Point Technologies — the Israeli cyber outfit that was the first to publicly identify the malware, known variously as Reaper or IoTroop — said in a technical report released this weekend that the malware authors and operators are operating out of China. “We have a very high degree of confidence about that judgement,” Yaniv Balmas, the firm’s security research group manager told CyberScoop. His conclusion comes from multiple independent factors. A unique feature of the malware, Balmas noted, was its use of a Lua environment. Lua is a lightweight, embeddable programming language designed to enable scripts to run. “We’ve never seen it [used in malware] before,” said Balmas, adding it made the malware “very agile … […]

The post Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’ appeared first on Cyberscoop.

Continue reading Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’

Don’t fear the Reaper: Botnet ‘easy to stop,’ says security researcher

The new Internet of Things botnet variously known as Reaper, IoT_Reaper or IoTroop should be easy to stop if it ever attacks, a security researcher says. Reaper uses fixed, hardcoded domain and internet addresses for its command and control, or C2, servers — meaning they can easily be cut off by service providers, Radware security researcher Pascal Geenens wrote earlier this week. “The control servers, the architecture and the methods of operation of the Reaper botnet have been uncovered and are known,” Geenens wrote. “It uses a fixed domain and IP addresses for its C2 servers, which should make blacklisting or blackholing effective to stop any attacks it might attempt.” Although the hacker that controls the botnet — the “herder” — has proved successful at building it up, the botnet has not yet been used for attacks. But there’s widespread concern nonetheless about how powerful a weapon it could be. The Mirai botnet brought the […]

The post Don’t fear the Reaper: Botnet ‘easy to stop,’ says security researcher appeared first on Cyberscoop.

Continue reading Don’t fear the Reaper: Botnet ‘easy to stop,’ says security researcher

Hackers Prepping IOTroop Botnet with Exploits

Researchers warn that hackers have weaponized a vulnerability that could be used in an IOTroop (or Reaper) attack, bringing the likelihood of an attack one step closer. Continue reading Hackers Prepping IOTroop Botnet with Exploits

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher

Malware dubbed IOTroop that researchers say is “worse than Mirai” has already infected one million businesses worldwide. Continue reading ‘IOTroop’ Botnet Could Dwarf Mirai in Size and Devastation, Says Researcher