Security News > 2020 > July > New wave of attacks aiming to rope home routers into IoT botnets
A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets.
"Cybercriminals know that a vast majority of home routers are insecure with default credentials and have ramped up attacks on a massive scale. For the home user, that's hijacking their bandwidth and slowing down their network. For the businesses being targeted by secondary attacks, these botnets can totally take down a website, as we've seen in past high-profile attacks."
Cybercriminals are competing with each other to compromise as many routers as possible so they can be conscripted into botnets.
These are then sold on underground sites either to launch DDoS attacks, or as a way to anonymize other attacks such as click fraud, data theft and account takeover.
Although any IoT device could be compromised and leveraged in a botnet, routers are of particular interest because they are easily accessible and directly connected to the internet.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/bQdccdZM71U/
Related news
- New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft (source)
- IoT Devices in Password-Spraying Botnet (source)
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices (source)