It is reported that a new, rapidly growing threat is spreading through IoT devices as we speak.
The last widely-reported threat called Mirai hit last year, and was so damaging it took down a large part of the internet, including Twitter, Reddit, Netflix, Airbnb and many others.
Mirai spread through IoT devices with weak or default passwords, however this new strain, dubbed 'IoT_reaper' exploits vulnerabilities in these devices to enable them to spread quickly.
It's the difference between checking for open doors and actively picking locks, and has already spread to a million networks and counting, growing at roughly 10,000 new devices per day.
The good news is that (at time of posting this) the botnet has not been used for any specific cause, unlike the DDoS attack on large parts of the Internet with Mirai. The bad news is that it is yet unknown what task the developers have planned, as they are simply building for scale at the moment. If they plan to DDoS a target, they will likely have a much larger scale of devices to use in their attacks than previously.
The IoT_reaper exploit currently includes nine previously disclosed vulnerabilities in IoT devices from the following manufacturers:
- Dlink (routers)
- Netgear (routers)
- Linksys (routers)
- Goahead (cameras)
- JAWS (cameras)
- AVTECH (cameras)
- Vacron (NVR)
It's worth mentioning that most of these devices have patches available to protect against the vulnerabilities used by this latest infection, so it is recommended that if you have devices from any of the listed manufacturers above that you patch them ASAP.