Tens of thousands of MikroTik and Ubiquiti routers are currently available online, featuring alarmist hostnames such as "HACKED FTP server," "HACKED-ROUTER-HELP-SOS-WAS-MFWORM-INFECTED," or "HACKED-ROUTER-HELP-SOS-HAD-DEFAULT-PASSWORD."
In reality, these devices have not been hacked, just defaced, and appear to be the subject of some prank or vigilante action. Attackers aren't taking over devices, but merely changing the devices' names as a warning for device owners, hoping that users will take action and secure their routers. Spotted by Ankit Anubhav, these benign hacks have been going on since last summer.
Malware which targeted IoT devices was doing more than launching DDoS attacks, researchers discovered, but they question how effective it would be. Security researchers have unearthed code in a Mirai botnet enabling it to mine for bitcoins using IoT devices.
Researchers at IBM's X-Force found the functionality late last month in a variant of the ELF Linux/Mirai malware. The bitcoin attack started on 20 March, peaking on 25 March, but three days later the activity subsided. What the researchers found in a sample of the code was the same Mirai functionality ported over from the Windows version but with a focus on attacking Linux machines running BusyBox.
A variant of the Mirai malware pummeled a U.S. college last month with a marathon 54-hour-long attack. Researchers say this latest Mirai variant is a more potent version of the notorious Mirai malware that made headlines in October, targeting DNS provider Dyn and the Krebs on Security website.
The IoT botnet behind the DDoS attacks is flooding its targets with HTTP traffic in application layer attacks, according to a technical overview by security firm Imperva posted on Wednesday. Researchers say attackers are leveraging 9,793 CCTV cameras, DVRs and routers, and are exploiting the same vulnerabilities as the original Mirai malware.
Hong Kong's securities regulator said brokers in the city had suffered cyber attacks and warned of possible further incidents across the industry.
Regulators in Hong Kong have been stepping up efforts over the past year to combat the growing menace of cyber attacks on companies. A survey in November showed the average number of such attacks detected by firms in mainland China and Hong Kong grew a whopping 969 percent between 2014 and 2016. The Securities and Futures Commission said it had been informed by the Hong Kong police that brokers had encountered DDoS attacks targeting their websites and received blackmail from criminals.
Mac OS users running Safari are falling victim to a tech support scam that can freeze their computer, according to a Thursday post on the MalwareBytes Labs blog. Similar previous campaigns have used fake alerts notifying victims that something is wrong with their computer, prompting them to reach out for tech assistance.
By clicking through to a phony site, or by calling a phony assistance number, the victim can then authorize attackers to gain control of their machines. One version of this scam, which targeted the browser, was dubbed a browlock. Another, which actually loaded malware onto devices, was termed a screen locker.
The Leet Botnet may have wrested the 2016 crown as most powerful distributed denial of service attack from Mirai with a 650 Gigabit per second attack launched early last week.
Researchers at Imperva Security wrote that a DDoS incident rivaled what was thought to be the largest such attack this year when KrebsonSecurity was struck in September with an attack that ranged between 620 and 665 Gbps. However, the two attacks, along with the massive Mirai botnet attack this fall, are much different than Leet. The attacks were picked up on the Imperva Incapsula network as the malicious actors apparently tried to strike several Imperva customers.
You’ve probably heard the word botnet more than once recently, and that’s hardly surprising. Any connected device can be zombified — turned into a part of a botnet.
These include PCs, smartphones, tablets, routers, Wi-Fi refrigerators, smart toys, and a lot of other gadgets. In this post we explain what a botnet is, the bad things a botnet can do, and how to protect your gadgets from becoming a part of a botnet. Botnets: What are they? A botnet is a group of Internet-connected devices that have been infected with special malware. The kind of malware that creates bots, or zombies, works covertly, acquiring administrative rights.
Just imagine: what if you came home from the freezing weather outside and the heating system failed to work because of a cyber attack, leaving you in a panic? That is what happened late last month, when an attack knocked heating systems offline in Finland.
Last week, a Distributed Denial of Service attack led to the disruption of the heating systems for at least two housing blocks in the city of Lappeenranta, literally leaving their residents in subzero weather. Both buildings are managed by Valtia, a facilities services company headquartered in Lappeenranta. Valtia CEO Simo Rounela confirmed that the central heating system and hot water system in both buildings had become a target of DDoS attacks.
Just last month, researchers explained how an attacker can knock the 911 service offline in an entire state by launching automated Distributed Denial of Service (DDoS) attacks using a botnet of just 6000 smartphones. But actually doing so could put not only the public in danger but the attacker as well.
That is what happened to an 18-year-old from Arizona, who was arrested this week following a severe disruption of 911 emergency systems caused by one of his iOS exploits. Meetkumar Hiteshbhai Desai discovered an iOS vulnerability that could be exploited to manipulate devices, including triggering pop-ups, opening email, and abusing phone features.
Singapore telecommunications company StarHub has said the recent service outages affecting some of its home broadband customers were caused by cyberattacks.
After inspecting the network logs of the internet connection disruptions, the company said that it found evidence of intentional, possibly malicious DDoS attacks on its domain name servers. The company noted that they did not find any evidence that their other services were affected by the two attacks that occurred. A DDoS occurs when an attacker floods a company's network with fake traffic or messages in an effort to take it down and render it useless to clients.