IoT threat: Malware targeting connected devices has tripled in a year
- Security experts uncovered over 12 million attacks originating from over 86,500 unique IP addresses in the first half of 2018.
- Cybercriminals continue to launch new IoT attacks using old malware samples.
Internet-connected devices have increasingly become a major security threat. Over the past few years, cybercriminals have conducted massive cyberattacks by enslaving Internet of Things (IoT) devices into destructive botnets. It appears that this trend is continually gaining ground.
Security experts recently discovered that in comparison to 2017 IoT threat trends, three times more malware samples are targeting IoT devices now. According to a new report by Kaspersky Lab, in just the first half of 2018, over 12 million IoT-related cyberattacks have originated from over 86,500 unique IP addresses.
Telnet most popular attack vector
“One of the most popular attack and infection vectors against devices remains cracking Telnet passwords,” Kasperesky Lab researchers said in their report. “Overall for the period January 1 – July 2018, our Telnet honeypot registered more than 12 million attacks from 86,560 unique IP addresses, and malware was downloaded from 27,693 unique IP addresses.”
Kaspersky Lab researchers said that most of the IoT attacks still come from SSH password bruteforcing and Telnet. The researchers also discovered that 23 percent of the attacks originated from Brazil, 17 percent from China and 7 percent from Russia.
Kaspersky Lab researchers also discovered that a majority of IoT attacks targeted Mikrotik routers. One of the main reasons for this is because cybercriminals have been leveraging the ChimayRed flaw, which is used against MikroTik routers. Most recently, the VPNFilter botnet targeted massive attacks against MikroTik, infecting over a million commercial routers in over 50 countries.
Not surprisingly, Mirai was found to be the top most downloaded malware family when it came to IoT attacks. Ever since Mirai’s source code was made public a few years, various variants of the botnet have cropped up and have been used to conduct destructive attacks across the globe. According to Kaspersky Lab researchers, botnets like Gafgyt and Hajime also rank among the top most popular IoT malware botnets.
“Malware for smart devices is increasing not only in quantity, but also quality. More and more exploits are being weaponized by cybercriminals, and infected devices are used to steal personal data and mine cryptocurrencies, on top of traditional DDoS attacks,” Kaspersky Lab researchers said.