Posted on October 26, 2017 at 3:16 PM
Cybersecurity experts warned that the Reaper Botnet can compromise all internet-connected devices.
This past year has seen a dramatic increase in cyber attacks. The most recent attack, the Bad Rabbit attack, managed to affect large areas of Russia and the Ukraine. While most security experts were still scrambling for an efficient solution to Bad Rabbit, however, a new, more dangerous attack reared its head, called the Reaper Botnet attack.
The prominent cyber intelligence company, Check Point Research, published a report last week that confirmed that the Reaper botnet attack was based on Internet-of-Things devices and that the attack had a large scope. The attack has the ability to affect and compromise millions of devices, which dwarves all previous DDoS attack significantly.
According to the report, the Reaper Botnet attack is launched using several devices connected to the internet simultaneously. This is done to overwhelm the network with spam requests, which in turn enables hackers to steal data from the devices.
According to the report, the team of researchers estimates that millions of organizations and individuals have already been affected by the latest attack worldwide. The research also suggests that the number will only increase significantly from here on out. The report stated that despite a large number of already affected devices, this is simply the “calm before the storm”. Researchers suggested that Reaper Botnet could very well become the next cyber hurricane.
The specific malware utilized for the attack knows as Reaper, has the ability to attack an entire network of devices simultaneously, including Wi-Fi routers, which causes the devices to crash and disrupt the users’ internet connection.
According to the research, the Reaper Botnet attack could possibly be linked to the Mirai botnet attack. This attack occurred in 2016 and took down internet services all over the US.
According to the published report, Reaper Botnet has been rapidly evolving since its discovery. Certain technical similarities to the previous Mirai botnet has led researchers to believe that there is a possible link between the two DDoS malware. However, Reaper Botnet managed to spread much more quickly throughout the globe than its predecessor.
While it is still too early for researchers to fully establish the latest campaign’s intention, the report highly emphasized that all organizations and individuals absolutely must ensure that their network has proper defense and security measures for DDoS protection.
According to reports, Reaper has the potential to be far larger and more damaging in their scope. The report illustrates the difference between the two by stating that it’s the difference between checking for open doors and being able to actively pick locks. While Mirai was able to exploit vulnerable devices with weak or default passwords, Reaper has a much more aggressive approach in that it can actively hack and infiltrate devices. The two DDoS malware uses the same source code, but Reaper has much more potential for far-reaching implications.
Reaper has already affected over a million devices, particularly routers manufactured by GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys, and Synology.
According to reports, Reaper is far more sophisticated in its approach and much more damaging implication than Mirai. While Mirai had a bandwidth exceeding 1Tbps and was able to bring down sites such as GitHub, Twitter, Reddit, Netflix, and Airbnb, Reaper will be able to launch attacks on a scale that has never been seen before.
The Sun reported that security experts have issued official warnings to companies to check for possibly infected devices, and take them offline to try and contain the threat. Individuals have been advised to do the same.
Companies and personal users have also been advised to download software updates as soon as they become available, as these could include patches which will likely include additional DDoS protection to address the threat.