A botnet of approximately 40,000 bots used for cybercrime is discovered on routers and IoT devices whose support has been discontinued



A research team from Black Lotus Labs, the cybersecurity division of technology company Lumen, has reported that they have discovered a botnet of approximately 40,000 bots targeting obsolete SOHO routers and IoT devices.

The Darkside of TheMoon - Lumen
https://blog.lumen.com/the-darkside-of-themoon/



Researchers Discover 40,000-Strong EOL Router, IoT Botnet - SecurityWeek

https://www.securityweek.com/researchers-discover-40000-strong-eol-router-iot-botnet/

According to Black Lotus Labs, cybercrime groups have been conducting campaigns targeting SOHO routers and IoT devices around the world for several years. Black Lotus Labs warns that the botnet in question was first observed in 2014 and has since expanded to approximately 40,000 bots as of February 2024, operating secretly on targeted devices.

Black Lotus Labs said, "The majority of these botnets are used as the basis for a proxy service for a cybercriminal group called 'Faceless.' Our research shows that this is an increasing proportion of the population." Faceless is highly anonymous and has become an essential tool for cybercrime groups to avoid their activities being detected.

According to Black Lotus Labs, the cybercrime group planted bots on older devices that were no longer supported by manufacturers and registered them on Faceless's network. Some of the Faceless logical maps identified by researchers were constructed in the first week of March 2024, and the researchers also found that 6,000 ASUS routers were targeted within 72 hours.



Cybercriminal groups deliberately target devices that have unpatched existing security vulnerabilities and are no longer supported by their manufacturers, and Black Lotus Labs says, "These devices are not installed. They may have forgotten about it, or it may have been connected and then abandoned."

That's why Black Lotus Labs is asking that appropriate firewalls be set up to detect early signs of weak credentials or suspicious login attempts, and that bots carrying out password spray attacks be blocked to protect data and assets.

In addition, Black Lotus Labs warns that you should make sure that routers are regularly rebooted and that security updates and patches are installed, that devices do not use common default passwords, and that router management interfaces are properly secured. It also recommended that if a device is no longer supported, it should be replaced as soon as possible.




in Software,   Security, Posted by log1r_ut