The connected devices, whatever they are, if not properly secured can become a source of DDoS attacks.
That the spread of the Internet of Things devices is leading to a growth of security threats is not new: considering the large volume of connected devices is not properly protected, it is only a matter of time because each of them can also be compromised by any individual with few skills of hacking.
Although to date have not yet been circulating news of malware for household equipment, such as refrigerators or dishwashers, in recent years there has been a certain amount of spectators botnet created with IoT devices, those of closed-circuit television cameras (CCTV – closed-circuit television) to be among the most common. No surprise, since the IP-room and the cameras are connected between devices IoT most common.
The security company has detected as encapsulations own a botnet of CCTV was born a DDoS attack with firepower peak of 20,000 requests per second. Looking at the list of IP addresses from which an attacking, encapsulates rose to a long list of CCTV cameras all easily accessed remotely through the credentials set the output device to factory.
The attack in particular was set up by a flood of HTTP GET requests originated from about 900 CCTV around the world. The target was instead a great cloud service that serves millions of users around the world. All device’s compromises worked a Linux embedded with BusyBox, a smaller version of Unix utilities amalgamated into a small executable and designed for devices with limited resources.
In particular, malware is an ELF binary for ARM, version of the already known ELF-BASHLITE that scans the devices that make use of BusyBox and search services Telnet / SSH open that are potentially vulnerable to the brute force password dictionary to identify the access. The variant, in this case, is enhanced by the ability to launch a DDoS attack HTTP GET from compromised devices.
Access to video cameras violated occurred in several places, evidence of how they were affected by more than one person, and how easy it is to locate and exploit these devices when they are not adequately protected. Of any device connected it, the default credentials to be changed during installation.