Security News > 2020 > July > New wave of attacks aiming to rope home routers into IoT botnets
A Trend Micro research is warning consumers of a major new wave of attacks attempting to compromise their home routers for use in IoT botnets.
"Cybercriminals know that a vast majority of home routers are insecure with default credentials and have ramped up attacks on a massive scale. For the home user, that's hijacking their bandwidth and slowing down their network. For the businesses being targeted by secondary attacks, these botnets can totally take down a website, as we've seen in past high-profile attacks."
Cybercriminals are competing with each other to compromise as many routers as possible so they can be conscripted into botnets.
These are then sold on underground sites either to launch DDoS attacks, or as a way to anonymize other attacks such as click fraud, data theft and account takeover.
Although any IoT device could be compromised and leveraged in a botnet, routers are of particular interest because they are easily accessible and directly connected to the internet.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/bQdccdZM71U/
Related news
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices (source)
- Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Juniper warns of Mirai botnet targeting Session Smart routers (source)
- Juniper warns of Mirai botnet scanning for Session Smart routers (source)
- New botnet exploits vulnerabilities in NVRs, TP-Link routers (source)