Languagesx
English Deutsch
Subscribe
Home IoT Hacker’s botnet enslaves 18,000 Huawei devices in 24 hours

IoT Hacker’s botnet enslaves 18,000 Huawei devices in 24 hours

Building a botnet is no longer a big, time-consuming task, and can be done within 24 hours. At least, that’s what a hacker, who goes by the pseudonym Anarchy, claims. This hacker in question has created a botnet that has compromised over 18,000 Huawei routers within 24 hours.
 

Anarchy Botnet

The cyber attacker built the botnet by using an old vulnerability that was spotted by researchers from NewSky Security last Christmas. Following the outbreak of the news, other security firms including Rapid7 and Qihoo 360 Netlab has also confirmed the existence of the new threat. The firms saw a huge recent uptick in Huawei device scanning, which was to scans seeking devices vulnerable to CVE-2017-17215. It is a critical security flaw in Huawei HG532 devices which can be exploited through port 37215.
 

 
The motives of Anarchy are not yet clear. However, he has reached out to NewSky Security researcher Ankit Anubhav saying he wants “to make the biggest baddest botnet in town”. He’s probably talking of a distributed denial-of-service (DDoS) attack here. The hacker also revealed an IP list of victims to Anubhav, which has not been made public for obvious reasons.
What’s surprising here is that the CVE-2017–17215 vulnerability has been previously weaponized in two distinct IoT botnet attacks, namely Satori and Brickerbot. The working exploit code to compromise Huawei routers using this flaw was released to the public in January this year. “It’s painfully hilarious how attackers can construct big bot armies with known vulns,” Anubhav added.
Anubhav suspects that Anarchy may actually be the well-known threat actor Wicked, who has been linked with the creation of the Owari/Sora botnets before.
Botnets can be used to perform a DDoS attack to send malicious packets of data to a device and remotely execute code. The LizardStresser botnet, for example, was able to launch 400Gbps attacks on vulnerable IoT devices.
The story, however, may not be over. Anarchy/Wicked intends to enslave more devices by starting a scan for Realtek router vulnerability CVE-2014-8361.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags

Related News

iPhone with the home screen, WhatsApp has been pressed
WhatsApp update: here’s how to find your messages much quicker
Sophie Atkinson
Change Healthcare hack damage.
Change Healthcare hack continues to inflict major damage
Deanna Ritchie
AI
Child sweatshops power the AI industry
Radek Zielinski
Modern Shipping Logistics
How IoT & Analytics are Powering Modern Shipping Logistics
Yash Mehta
Level of Detail Systems
The Impact of Level of Detail Systems on Rendering Efficiency in Unity
Emmanuel Ohaba

Most Popular Tech Stories

Latest News

Frank Woods from the Call of Duty Black Ops franchise
Gaming

Call of Duty Black Ops Gulf War - Release date speculation, platforms, Zombies, and everything we know
Jacob Woodward2 hours

It is that time again - the next Call of Duty iteration is on its way and we’re heading back to Black Ops. That’s right, after a four-year absence, fans...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.