Criminals are flocking to botnets as of late, due to how much damage these nefarious creations can cause. Rakos, a rather prominent type of malware, is currently being used to build a very powerful botnet. So far, there are several thousand bots in existence. Although the numbers are not alarmingly high, this new botnet is more than capable of executing powerful DDoS attacks.
Beware of the Rakos Botnet
The last thing our society needs right now is more botnets. There is one advantage to this development, though: all of the botnets in circulation will compete for the same computational resources to infiltrate and hijack. In the long run, this should prevent botnets from becoming too large to deal with. Unfortunately, it appears Rakos is well on its way to becoming a major threat despite its relatively small size.
As of right now, the Rakos botnet has seen over 24,000 unique bots in a three-day period. The latest report indicates over 8,000 machines and devices are part of this botnet at all times. Compared to the Mirai botnet, that is very small, but that doesn’t mean Rakos is less of a threat. Instead, it is now more than capable of carrying out large DDoS attacks against any target one can think of.
Luckily, it does not appear Rakos has any intention of conducting DDoS attacks anytime soon. Then again, this scenario can change at any given moment. The malware has successfully infiltrated IoT devices all over the world. Researchers discovered this malware as early as August of 2016, yet it took a few months until its modus operandi became more apparent. Ever since that time, the botnet has become more powerful.
As one would expect, this malware has undergone some major changes over the past few months. The developers introduced a peer-to-peer structure to replace the centralized command-and-control server option. In this structure, some of the bots in the network now act as individual C&C servers, which means it will be difficult to shut them all down in quick succession.
Do not be mistaken in thinking Rakos is not used for nefarious purposes, though. It appears the developers are mainly using the botnet to carry out brute force attacks against open SSH ports. This method of attack will allow the botnet to grow even bigger over time. For now, it seems unclear if there is an actual fix for this problem, although rebooting an IoT device will certainly help matters along.
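Since the botnet grows by brute-forcing open SSH ports, one defensive check is to look for that pattern in a device's own sshd log. The following is an added example, not part of the original article or of any Rakos research: the log lines are constructed, and the function name `analyze`, the `min_failures` threshold and the OpenSSH syslog line format are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (documentation-range IPs), not from a real host.
SAMPLE_LOG = """\
Feb  3 10:00:01 raspberrypi sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
Feb  3 10:00:03 raspberrypi sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40124 ssh2
Feb  3 10:00:05 raspberrypi sshd[813]: Failed password for invalid user test from 203.0.113.7 port 40126 ssh2
Feb  3 10:01:10 raspberrypi sshd[820]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Feb  3 10:01:18 raspberrypi sshd[821]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
Feb  3 10:02:07 raspberrypi sshd[830]: Failed password for invalid user guest from 203.0.113.7 port 40128 ssh2
Feb  3 10:02:09 raspberrypi sshd[831]: Failed password for root from 203.0.113.7 port 40130 ssh2
Feb  3 10:02:11 raspberrypi sshd[832]: Accepted password for test from 203.0.113.7 port 40132 ssh2
"""

# Matches password-auth results as logged by OpenSSH (assumed syslog format).
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def analyze(log_text, min_failures=5):
    """Return per-source stats for IPs with at least min_failures failed logins.

    'success_after_failures' lists accounts that logged in successfully from
    an IP that had already crossed the threshold: a sign the guessing worked.
    """
    stats = defaultdict(
        lambda: {"failures": 0, "users": set(), "success_after_failures": []}
    )
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        s = stats[m["ip"]]
        if m["result"] == "Failed":
            s["failures"] += 1
            s["users"].add(m["user"])
        elif s["failures"] >= min_failures:
            s["success_after_failures"].append(m["user"])
    return {ip: s for ip, s in stats.items() if s["failures"] >= min_failures}

if __name__ == "__main__":
    for ip, s in analyze(SAMPLE_LOG).items():
        print(ip, s["failures"], sorted(s["users"]), s["success_after_failures"])
```

A source that tries many account names is reported, while a single mistyped password followed by a normal login is not; any entry in `success_after_failures` means that account's password should be treated as compromised.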
What is rather peculiar is how many Rakos bots are Raspberry Pi devices. Nearly half of all the infiltrated machines are Pis, indicating a lot of people use them for IoT purposes. However, the Raspberry Pi is not the only device of interest to the people responsible for creating Rakos. It is evident this botnet is well worth keeping an eye on before it becomes too large.