A massive new IoT botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time. According to the International Business Times the botnet has already infected more than 280,000 IP addresses in just 12 hours, enslaving hundreds of thousands of home routers by exploiting a recently discovered zero-day vulnerability.
Satori which means “awakening” in Japanese, is actually the Mirai botnet's successor.
According to a new report by security researchers at Qihoo 360 Netlab, the Satori botnet can propagate rapidly by itself, which essentially makes it an IoT worm. Bleeping Computer reported that instead of using a scanner to search for vulnerable routers, the botnet uses two exploits that attempt to connect with devices on ports 37215 and 52869.
By reportedly abusing the zero-day vulnerability in Huawei Home Gateway routers, Satori was able to infect even routers secured with strong passwords. Apparently the Satori botnet's operators could launch an Internet-crippling DDoS attack at any time. At the moment, security researchers appear to be still gathering more information about the botnet by tracking its activities, in efforts to block any new control channels it may leverage.
Dale Drew, chief security strategist at CenturyLink, told ArsTechnica: "The scary story is we have botnet operators desperately trying to get access to nodes numbered in the hundreds of thousands if not millions. We've always said it takes a village to protect the Internet. When we find a bad guy we're getting that information sinkholed and blocked much more quickly."
In an email to SC Media UK, Rodney Joffe, SVP and Fellow at Neustar said: “As the number of devices connected to the internet continues to rapidly expand, so do the mass of vulnerabilities associated with the IoT. The sheer volume and complexity of these devices has opened a large window for targeted attacks, compromising the security and safety of household items, such as home routers.”
“To successfully mitigate these botnet's, there needs to be a greater understanding of how to safeguard the realm of the IoT, and everything it encompasses. While consumers are busying themselves with a brand new wealth of connected devices, making their homes, and lives, more convenient, it's up to the manufacturers of these products to prioritise security.”
“With every element of the IoT being connected, the knock-on effect of one device being hit by some form of cyber-attack has the power to, almost instantly, cripple millions of others. In order to work towards stamping-out the huge threat to the IoT landscape, more cohesive security strategies need to be considered, with consumers being made aware of the wider ecosystem they're signing up to, the potential risks associated with this, and how best to isolate them.”
“While the hype and attraction around connected products continues to unravel, it's essential enough time is being taken to know these devices inside out, to realistically stand a chance at keeping consumer information in the right hands.”