New IoT Botnet Finds Open Telnet Ports and Brute-Forces Entry and Installation
Security researchers have found a new botnet that’s brute-forcing its way onto devices through open Telnet ports and named it HEH. Its makers wrote it in Go, and the malware covers a wide array of possible architectures, allowing it to compromise numerous IoT devices.
The number of botnets has increased in direct proportion to the explosion of the IoT market. Numerous botnets are already active, including many that use the same principles to spread and infect devices. The appearance of yet another one, written from scratch, is proof there’s still plenty of room for more malware.
A key reason why new malware keeps popping up is that security researchers often find existing botnets, revealing their modus operandi and location. When these botnets are exposed, security solutions, ISPs, and other institutions have an easier time shutting them down.
The 360Netlab researchers found that the HEH botnet supports a vast array of CPU architectures: x86 (32/64), ARM (32/64), MIPS (MIPS32/MIPS-III) and PPC, which means its developers made sure it can infect almost any device with the Telnet port open.
“After the Bot runs the P2P module, it will execute the brute force task against the Telnet service for the two ports 23 and 2323 in a parallel manner, and then complete its own propagation,” say the researchers.
Of course, when it does find a Telnet port, it will begin its brute-force attacks using 171 usernames and 504 passwords. While the researchers didn’t share the credentials, for security reasons, it’s easy to surmise that those credentials are a combination of default usernames and passwords and some of the most common ones that people use in their daily lives.
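For defenders, the behavior described above (many failed Telnet logins against ports 23 and 2323 in a short time) is easy to spot in authentication logs. The following detection sketch is an added example, not code from the article or from 360Netlab; the log format, the five-failure threshold, the 60-second window and all addresses (documentation ranges) are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

TELNET_PORTS = {23, 2323}  # the two ports the article says HEH brute-forces
# Constructed sample log; the "time src dst dport result" format is an assumption.
SAMPLE_LOG = """\
2020-10-06T10:00:01 203.0.113.7 192.0.2.10 23 AUTH_FAIL
2020-10-06T10:00:02 203.0.113.7 192.0.2.10 2323 AUTH_FAIL
2020-10-06T10:00:03 203.0.113.7 192.0.2.11 23 AUTH_FAIL
2020-10-06T10:00:04 198.51.100.20 192.0.2.10 23 AUTH_FAIL
2020-10-06T10:00:05 203.0.113.7 192.0.2.11 2323 AUTH_FAIL
2020-10-06T10:00:06 203.0.113.7 192.0.2.10 23 AUTH_FAIL
2020-10-06T10:00:09 198.51.100.20 192.0.2.10 23 AUTH_OK
2020-10-06T10:00:10 203.0.113.7 192.0.2.10 2323 AUTH_FAIL
2020-10-06T10:05:00 198.51.100.99 192.0.2.12 23 AUTH_FAIL
2020-10-06T12:05:00 198.51.100.99 192.0.2.12 23 AUTH_FAIL
2020-10-06T12:06:00 203.0.113.50 192.0.2.10 22 AUTH_FAIL
"""

def detect_telnet_bruteforce(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Flag sources with >= max_failures failed Telnet logins inside one window."""
    failures = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed lines
        ts, src, dst, port, result = fields
        if int(port) in TELNET_PORTS and result == "AUTH_FAIL":
            failures[src].append((datetime.fromisoformat(ts), dst, int(port)))
    alerts = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= max_failures:
                burst = events[start:end + 1]
                alerts[src] = {
                    "failures": len(burst),
                    "ports": sorted({p for _, _, p in burst}),
                    "targets": sorted({d for _, d, _ in burst}),
                }
                break
    return alerts

if __name__ == "__main__":
    print(detect_telnet_bruteforce(SAMPLE_LOG))
```

A source that hits both ports on several devices, as the constructed 203.0.113.7 does here, is a stronger signal than a single user mistyping a password, which stays below the threshold.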
HEH is far from complete, which means that attackers are still fine-tuning it.
“Some important functions such as attack module have not yet been implemented. Also the P2P implementation still has flaws,” the researchers also point out.