LizardStresser Botnet Launches 400G-bps Attack on IoT Devices

Found on eWEEK on Saturday, 02 July 2016

Security firm Arbor Networks is reporting that it has discovered a botnet made up of IoT devices attacking institutions in Brazil with up to 400G bps of attack traffic.

For the 400G-bps IoT botnet that is attacking Brazil, Arbor Networks' analysis revealed that attackers were able to abuse Telnet ports on vulnerable devices. Telnet use has long been deprecated as a best practice by IT security professionals as it is an unencrypted approach for remote access.

Soluk said that in this case it was the fact that Telnet was left open along with a default username and password that allowed the devices to be so trivially co-opted into the botnet.

For such serious security failures and violations of good practice, the companies who build the IoT devices in question should be held liable. Otherwise we will end up with millions of insecure devices ripe for abuse because those companies just won't care about essential security settings.

Browse all articles« Previous « » Next »