New IoT Botnet Finds Open Telnet Ports and Brute-Forces Entry and Installation

Silviu STAHIE

October 08, 2020

Security researchers have found a new botnet that’s brute-forcing its way onto devices through open Telnet ports and named it HEH. Its makers wrote it in Go, and the malware covers a wide array of possible architectures, allowing it to compromise numerous IoT devices.

The number of botnets has increased in direct proportion to the explosion of the IoT market. Numerous botnets are already active, including many that use the same principles to spread and infect devices. The appearance of yet another one, written from scratch, is proof there’s still plenty of room for more malware.

A key reason why new malware keeps popping up is that security researchers often find existing botnets, revealing their modus operandi and location. When these botnets are exposed, security solutions, ISPs, and other institutions have an easier time shutting them down.

The 360Netlab researchers found that the HEH botnet supports a wide range of CPU architectures: x86 (32/64), ARM (32/64), MIPS (MIPS32/MIPS-III) and PPC. Its developers made sure it can infect almost any device with an open Telnet port.

“After the Bot runs the P2P module, it will execute the brute force task against the Telnet service for the two ports 23 and 2323 in a parallel manner, and then complete its own propagation,” say the researchers.

When it finds an open Telnet port, it begins its brute-force attack using 171 usernames and 504 passwords. The researchers didn’t share the credentials for security reasons, but it’s easy to surmise that they are a combination of default usernames and passwords and some of the most common ones people use in their daily lives.
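As an added example (not from the article or from the 360Netlab research), the following detection logic flags the behaviour described above: failed Telnet logins from one source against both port 23 and port 2323 within a short window. The log format, the 5-minute window, the threshold and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

TELNET_PORTS = {23, 2323}      # the two ports named in the article
WINDOW = timedelta(minutes=5)  # assumed detection window
MIN_FAILURES = 6               # assumed alert threshold

# Constructed sample records: timestamp, source IP, port, username, result
SAMPLE_LOG = """\
2020-10-08T10:00:01 203.0.113.7 23 root FAIL
2020-10-08T10:00:01 203.0.113.7 2323 root FAIL
2020-10-08T10:00:02 203.0.113.7 23 admin FAIL
2020-10-08T10:00:02 203.0.113.7 2323 admin FAIL
2020-10-08T10:00:03 203.0.113.7 23 user FAIL
2020-10-08T10:00:03 203.0.113.7 2323 user FAIL
2020-10-08T10:05:00 198.51.100.20 23 alice FAIL
2020-10-08T11:00:00 192.0.2.50 23 admin FAIL
2020-10-08T12:00:00 192.0.2.50 2323 admin FAIL
garbage line
"""

def parse(log):
    """Yield (time, src, port, user, result); malformed lines are skipped."""
    for line in log.splitlines():
        try:
            ts, src, port, user, result = line.split()
            yield datetime.fromisoformat(ts), src, int(port), user, result
        except ValueError:  # wrong field count, bad timestamp or bad port
            continue

def detect(log, window=WINDOW, min_failures=MIN_FAILURES):
    """Return sources whose failed logins hit both Telnet ports in one window."""
    by_src = defaultdict(list)
    for ts, src, port, user, result in parse(log):
        if port in TELNET_PORTS and result == "FAIL":
            by_src[src].append((ts, port, user))
    alerts = {}
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            burst = events[start:end + 1]
            if len(burst) >= min_failures and {p for _, p, _ in burst} == TELNET_PORTS:
                alerts[src] = {"failures": len(burst), "users": len({u for _, _, u in burst})}
                break
    return alerts
```

Only the source that hammers both ports in parallel is reported; a single mistyped login and a slow source whose two failures are an hour apart are not.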

HEH is far from complete, which means that attackers are still fine-tuning it.

“Some important functions such as attack module have not yet been implemented. Also the P2P implementation still has flaws,” the researchers also point out.
