The massive mid-October DDoS attack driven by a swarm of everyday Internet of Things (IoT) devices crippled dozens of the Internet’s most popular websites and services could be the first of many. Two hackers have stepped forward and, in an online chat with Vice’s Motherboard, explained that a larger botnet is being assembled that will take down targeted systems, for a price.
The idea that an everyday object like your toaster and electric toothbrush could become part of a massive virtual army of zombified systems that take down even the most popular websites may sound like science fiction, but it is anything but.
A new type of security threat
A piece of malicious software (referred to as malware) called Mirai has become a household name in the information technology community for being a clever bit of code that targets, searches for, and compromises IoT devices. These devices, which can include everyday household objects like smart refrigerators, security systems, and even many wearables, are built in a way that puts convenience before security.
There are millions of computers on home and business networks around the world that are using default administrative passwords, receive minimal oversight from the network administrator, and use little or no encryption. To make matters worse, these gadgets don’t regularly receive patches and security updates because they aren’t as obvious to the user as they are on your smartphone or PC.
It was this widespread gap in security that enabled Mirai to hijack countless of these devices and, undetectable to the user, launch a distributed denial of service (DDoS) attack against one of the Internet’s most popular DNS services. The result was a widespread outage of dozens of high-traffic websites and services, including Twitter, Spotify, Amazon, and more.
A modified Mirai and a new zombie army
Just over a month after the attack, two hackers claim to have not only modified the Mirai malware to make it more powerful but to have found a way to add a new generation of IoT devices to its growing botnet. This Mirai variant is said to be capable of hijacking more devices, especially routers.
“The original Mirai was easy to take, like candy from this kids,” the hacker, who calls himself BestBuy, told Motherboard in an online chat. While the average Internet user browses in ignorant bliss, a virtual turf war is being waged between hacker factions to see who can gain and maintain control over the swarms of infected IoT devices.
Even now, your dishwasher could be a pawn in a chess game between two hackers on opposite sides of the planet.
One of the victims of this new wave of malware is German Internet service provider Deutsche Telekom, which had over a million of its users affected when hackers attempted to add its routers to their ever-growing botnets.
“I would like to say sorry to [Deutsche Telekom] customers – it was not our intention,” BestBuy said.