Friday, April 13, 2018

Monday, April 09, 2018

51 percent of IP cameras are infected with Internet of Things botnet malware

An analysis of roughly 4,400 IP cameras in the U.S. using custom http servers found that just over 51 percent of them are infected by one of four Internet of Things botnet malware families, according to new research.
The majority of these 3,675 compromised cameras, or approximately 64.1 percent, were infected by the IoT botnet Persirai, Trend Micro reported in a blog post on Thursday. Discovered earlier this year, Persirai relies on exploited vulnerabilities to steal credentials and attack other devices.
The remaining affected cameras were found infected by the IoT botnets Mirai (about 27.7 percent), DvrHelper (about 6.8 percent), and TheMoon (about 1.4 percent), the blog post continues. Trend Micro used the Shodan search engine as well as its own research to amass its study sample, though it is not currently clear how recently this analysis took place. (SC Media has contacted Trend Micro for an answer.)

Mirai appears to be spreading fast. A security researcher put online six virtual machines designed to look like ADSL routers running Linux operating systems just like the ones targeted by Mirai—in other words, a set of honeypots.
It took only an average of 15 minutes for these to get hit with Mirai malware, the researcher, who asked to be referred to as "Jack B." to protect his real identity, told me in an online chat. (If you didn't just say "holy shit," you probably should have.)