Skip to Content
Uncategorized

A New Big, Bad Botnet of Things Is on the Prowl

December 5, 2017

A network of 100,000 Internet-connected devices has been corralled and is ready to attack the Web. That’s according to Dale Drew, a security researcher at broadband provider CenturyLink, who tells Ars Technica that the newly discovered botnet is “pretty sophisticated.”

Botnets are collections of connected devices that have been hacked to work with one another to send debilitating surges of data to servers. They’re becoming an increasingly large problem as smart hardware fills our homes, because IoT devices are often insecure and rarely updated, making them easy for hackers to control.

In fact, most botnets—including the infamous Mirai botnet, which inspired us to name botnets of things to our 10 Breakthrough Technologies of 2017—simply uses a database of factory-issued administrator credentials to commandeer devices that have never had their passwords changed.

The new botnet, however, actually makes use of a zero-day hack to add insecure Huawei routers to its legions. Of the 100,000 devices so far corralled by hackers, Drew tells Ars Technica, 90,000 are such routers. The other devices are ensnared using a database of 65,000 username and password combinations.

It’s not the first time a botnet has used security exploits to amass an army. In October, another team of security researchers announced that the Reaper botnet used a similar trick that threatened to affect millions of devices.

Drew tells Ars Technica that the new botnet is big enough to perform a seriously damaging attack, like the one that took down a large swath of the American Internet just over a year ago, and it’s still growing. But for now, we’ll have to wait and see when and where the new one strikes.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.