Categories: NewsSecurity

The Reaper Is Grim – What to Expect From the Latest Botnet

Using a network of internet-connected devices, botnets efficiently steal data, deny services, send spam, and perform a bevy of other frustrating and destructive actions against unassuming users. Botnets aren’t the newest malware on the web, but they continue to be effective at spreading malicious code and gaining fame and fortune for their creators. In fact, just this month, Israeli and Chinese security firms identified what could develop into the largest and most dangerous botnet ever: Reaper.

Disclosure: This is a Sponsored Article

Reaper’s Discovery

In the last, lingering days of September, an Israeli firm noticed that their security software was logging increasing numbers of attempts to exploit vulnerabilities in Internet of Things (IoT) devices. Meanwhile, a Chinese security firm was noticing the same odd behavior, and they managed to catch the code responsible. After some research, both groups uncovered sufficient evidence that the attacks were the work of a new botnet which has already grown to massive proportions. Initially dubbed “IoTroop” by the Israelis but quickly rebranded as “Reaper” thanks to the Chinese, the botnet is true to its newest name: It is slow, but it is diligent, and it has already claimed untold millions of machines.

Reaper’s Framework

Much of Reaper is built on the footprint of a previous botnet, Mirai, which made its debut in August 2016. Hackers lovingly built Mirai to seize control of as many IoT devices as possible and launch enormous denial-of-service attacks at targeted victims. The attempt was incredibly successful, preventing several websites and service providers from functioning effectively, and to rub salt in the wound, Mirai’s creators released the worm’s source code, spawning dozens upon dozens of clones. One of them, affecting infrastructure provider Dyn, attacked hosting firms for important web destinations like Reddit, Twitter, Spotify, and SoundCloud, rendering those sites unavailable for embarrassingly long periods.

Mirai was so effective because it used a cache of default passwords for IoT devices and tested them one after the other to eventually gain access to machines and networks. Reaper doesn’t rely on this slow and fallible technique; instead, Reaper has memorized vulnerabilities in IoT devices, diligently poking and prodding for weaknesses it knows is there, until it infiltrates machines. Though patches exist for most IoT security vulnerabilities, few users bother updating software for things, leaving them open to attack.

Related Post

Reaper’s method is faster and easier, and it can learn about new vulnerabilities as it goes. As a result, the botnet has grown to unbelievable proportions. The Israeli firm believes that 60 percent of IoT networks are compromised; the Chinese are certain more than 10,000 devices communicate regularly with the command-and-control server, but millions of devices are already queued, waiting patiently to be added to the botnet.

Reaper’s Potential

Reaper’s size makes its existence particularly troubling. Though the botnet has not acted yet, it is incredibly unlikely that hackers amassed this network of zombie devices for no purpose. Reaper could easily make denial-of-service attacks akin to Mirai’s clones, striking the internet’s pressure points and causing widespread disruption of services. If the botnet is powerful enough, cybercriminals might be able to leverage their firepower for money from governments, service providers, or civilian users.

Then again, Reaper might not exist to attack. Some botnets function as distributed proxies or anonymity networks, which helps hackers become untraceable as they perform other nefarious deeds, such as testing stolen credit cards or exchanging pirated media. The botnet might also exist to give hackers a platform from which they can explore and exploit other devices in more fecund networks — such as businesses. Regardless of its objective, Reaper threatens security and privacy, and it must be stopped.

Reaper’s Downfall

On one hand, device owners and users need fear little from Reaper, as denial-of-service attacks typically target high-profile victims. On the other hand, civilians around the world were impacted by Mirai’s success in shutting down popular websites, so IoT users should do what they can to protect their devices from Reaper. The first step is having

access to trustworthy internet support, which should be able to properly install IoT devices and maintain their security with regular updates and patches. Businesses wary of attack should take potentially infected devices offline until they are certain of Reaper’s reach.

Fortunately, Reaper might not ever swing its scythe. Authorities have recently identified, arrested, and sentenced the authors of Mirai, who might also be behind the Reaper botnet. Still, it is better to be safe than sorry; this could be the calm before a massive digital storm, and anyone with IoT devices should investigate their safety as soon as possible.

Guest

The writer of this post is a guest. Opinions in the article are solely of the writer and do not reflect The Merkle's view.

Share
Published by
Guest
Tags: Botnetreaper

Recent Posts

WIF Set to Overtake BONK? Lunex Soars with 100x Potential in Altcoin Season

As altcoin season heats up, all eyes are on the rising stars—especially Lunex, which is…

2 hours ago

Binance Coin Price Dips: BNB Holders Rush To Lunex Presale To Hedge Their Long Positions

While the broader market witnessed a notable upward movement, Binance Coin (BNB) experienced a decline…

2 hours ago

Crypto Stalwarts Forecasted 800% Growth in Innovative Projects: VeChain, Rollblock and Polkadot!

This blazing crypto bull run has investors looking for the next top altcoins set to…

2 hours ago

Dogecoin Price Set To Recreate 36,000% Rally From 2021 After Pennant Formation

The Dogecoin price is back in the limelight, captivating the crypto world with its recent…

3 hours ago

Is XRP About to Explode? How Trump’s Victory Is Affecting XRP Price Amidst JetBolt Growth

Ripple’s XRP showed a 68% price increase in the last 7 days following Trump's victory,…

3 hours ago

Ethereum Down While Bitcoin, Solana, and JetBolt Skyrocket In End November 2024

Ethereum stumbles as Bitcoin surges past $97K, Solana eyes new highs, and JetBolt’s presale shakes…

6 hours ago