1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Researchers warn of new botnet that could take down the internet

By William Gayde ยท 12 replies
Oct 21, 2017
Post New Reply
  1. Security group Check Point Research claims to have discovered a rapidly growing and evolving botnet which they believe could eventually take down the internet. This botnet consists of millions of internet connected devices, better known as the Internet of Things. They have compared its strength to the now infamous Mirai botnet, but believe it will dwarf Mirai in its speed and growth.

    This latest threat has been called the Reaper botnet and makes other attacks look childish. Mirai worked by infecting unsecured devices with default passwords to add them to the botnet. The Reaper works by actively hacking and infiltrating millions of devices around the globe. Wired described it as "the difference between checking for open doors and actively picking locks."

    The Reaper malware contains some of the Mirai source code, but has greatly expanded its risk and potential. Rather than guessing common passwords, Reaper uses known vulnerabilities to inject its code into the victim. This allows it to grow at a much faster rate.

    The malware has already been discovered on 60% of networks monitored by Checkpoint. Vulnerable hardware includes devices from GoAhead, D-Link, TP-Link, Netgear, AVTech, MikroTik, Linksys, Synology, and some portions of Linux. Many of these device manufacturers have released patches for the vulnerabilities, but most users don't apply them.

    There are millions of devices already running the Lua-based software that will allow the botnet owners to load their attack modules. There have been no reported uses of the botnet, but the code shows it's in standby waiting for a signal to start the volley of DDoS attacks.

    Mirai had a bandwidth exceeding 1Tbps and was able to bring down sites like GitHub, Twitter, Reddit, Netflix, and Airbnb. Reaper is far more sophisticated and has the potential to launch attacks on a scale never seen before experts warn.

    Lead photo by William Bout on Unsplash

    Permalink to story.

  2. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,280

    Only one country in Africa targeted? I'm very pleased we're not deemed important enough.
  3. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 986   +508

    "Only one country in Africa with a Check Point Research client that has been infected"

    I fixed that for you.
  4. R00sT3R

    R00sT3R TS Addict Posts: 68   +104

    The world would be a much better place if Facebook & Twitter disappeared for good.
    sasat and SirChocula like this.
  5. Theinsanegamer

    Theinsanegamer TS Evangelist Posts: 1,267   +1,367

    Good. Loosing the internet for a week might slap some sense into the crazies that seem to clog up every news site and forum. So many people have lost their minds in the last few years.
    regiq, namesrejected and havok585 like this.
  6. jyoule

    jyoule TS Rookie

  7. havok585

    havok585 TS Booster Posts: 175   +43

    I wouldnt mind if this happened every 2-3 months ! It would really put some things into perspective about society without internet for a bit.
    regiq likes this.
  8. Uncle Al

    Uncle Al TS Evangelist Posts: 4,194   +2,658

    When they say that most users don't use the upgrades repairs I wonder just how much effort is made to inform the end user? Over the years I have NEVER received a notice from Netgear, Linksys, or D-Link despite the fact that I went on line and registered the devices. Sounds like the manufacturers have some work to do!
  9. HiAngel

    HiAngel TS Rookie

    Definitely. I'm glad those botnets started appearing, because what now happens, is that phone and IoT manufacturers instead of using a common GNU/Linux distro, are using some home made crap that is dropped after 2-3 years. Whereas if they used a distro, updates would kept appearing for many years forward.
  10. wiyosaya

    wiyosaya TS Evangelist Posts: 2,918   +1,429

    Absolutely agreed, but as Uncle Al says, the manufacturers need to notify people of updates, however, even if they do, my bet is none but the technically inclined would be knowledgeable enough to use them.

    As I have said elsewhere, IoT manufacturers need to be focusing on security instead of capitalizing on the fad. Until then, they are helping to make the internet worse, and for me, IoT devices are useless.
    BMAN61 likes this.
  11. MonsterZero

    MonsterZero TS Evangelist Posts: 508   +275

    I nominate twitter first so we don't have to read Trumps tweets.
    wiyosaya likes this.
  12. holdum323

    holdum323 Banned Posts: 1,725   +455

    Hopefully We still have a few congressmen with some common sense like John McCain; that will bring some sense into this country that I love. USAF1958 -1962 Electrician C 130! Okinawa. 18 months. No bone spurs. I volunteered and I'm proud to have served The USA . They assassinated my Commander In Chief ' John Kennedy' . That was a sad day for me.
    Go ahead and infect me. I have 7 images that I can use to get me back up and running and they have all been verified.:D
    PS I don't feel at ease replying on these threads; but some times, it feels like I should.:D
    Last edited: Oct 24, 2017
  13. sasat

    sasat TS Enthusiast Posts: 36   +20


Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...