Skip to Content

IoT Botnets Are Growing—and Up for Hire

When anyone can make use of a burgeoning army of rogue connected devices for a fee, the threat of a crippled Internet is more real than ever.
November 30, 2016

The army of Internet-connected devices being corralled and controlled to take down online services is active, growing—and up for grabs.

Internet of things botnets—collections of devices hacked to work with one another to send debilitating surges of data to servers—have been blamed for several recent Internet failures. Most notably, the servers of domain name system host Dyn were taken down last month, affecting connectivity across large swaths of the East Coast of the U.S.

But hackers appear to be making attempts to swell the ranks of their botnet armies and offer their services for a fee, which could make future attacks far more serious.

The German telephone provider Deutsche Telekom has reported that nearly one million of its users suffered Internet outages this week as a result of a failed attempt to recruit the company's routers as devices for a botnet. According to an independent security researcher who spoke with Motherboard, the total number of devices employed in IoT botnets could now be in excess of 500,000.

Earlier this month, Ars Technica reported that a new piece of botnet software was able to commandeer 3,500 devices in the space of five days. It’s not clear, though, at what pace these systems will continue to grow. Most of the devices currently employed by hackers seem to be older, less secure hardware that’s easy to compromise. It may be harder, and take longer, to add your latest smart home hardware to the army—though it may not be impossible.

For now, though, some hackers appear to be trying to monetize their IoT botnets. Last month, Forbes reported that a 100,000-device system could be employed for $7,500. Now, another pair of hackers has put up the botnet that they control for hire, claiming to have as many as 400,000 devices to level at servers. Hiring 50,000 devices to perform an attack is reported to cost between $3,000 and $4,000, according to the site Bleeping Computer.

The same site reports that researchers have noticed that the latest version of the malware used to create the 400,000-device botnet, which is thought to be the same one used to try to take Liberia offline earlier this month, has a new trick up its sleeve. It seems able to provide fake IP addresses for the devices it’s using, which will make it substantially harder to block when used in the future.

Earlier this year, security expert Bruce Schneier argued that someone, somewhere was “learning how to take down the Internet” using these kinds of attacks. And this month at a Congressional hearing about the threat, he appealed to the government to intervene, explaining that “the market really can’t fix this ... the government has to get involved. [W]hat I need are some good regulations.”

With hackers realizing that other parties may be interested in taking advantage of their hard-won armies, the stakes ratchet up. If something isn’t done to stamp out these botnets, Schneier's apocalyptic predictions may yet come true.

(Read more: Reuters, Motherboard, Bleeping Computer, “The Internet of Things Goes Rogue,” “Massive Internet Outage Could Be a Sign of Things to Come,” “Smart Lightbulbs Could Plunge the Internet Into Darkness”)

Keep Reading

Most Popular

Scientists are finding signals of long covid in blood. They could lead to new treatments.

Faults in a certain part of the immune system might be at the root of some long covid cases, new research suggests.

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.