Botnet detected, consisting of "smart" TVs, media centers, PC and ... refrigerator

On Habré often published news and articles on the subject of "smart home", "Internet of things", etc. As far as can be judged, in a few years our homes will really "wiser", since the "Internet of things" is becoming more and more real with the advent of new and new models of devices capable of communicating with each other, as well as going online. It is good when the refrigerator can determine for itself what products are not available, and add it all up independently, using the budget allocated by the owner.



It is also good when TV can broadcast video directly from the web, as well as track selected shows and TV shows. But do not forget that the connection to the network must be secure, and manufacturers of "smart" technology do not always equip their devices with at least a simple firewall or antivirus.

')

The result was not long in coming: a recently discovered botnet of a new type, in addition to conventional PCs and laptops, also included representatives of the “smart” generation of home appliances, televisions, media irons and even a refrigerator. In total, the botnet consisted of approximately 450 thousand devices (450 thousand unique IP addresses), of which 100 thousand were representatives of the “smart” technology. Identified this botnet company Proofpoint.



The botnet worked, according to company representatives, from December 23, 2013 to January 6 of the current year. During this time, the system sent about 750 thousand spam letters. And about 25% of such messages were sent by home appliances. Specialists of the company even came up with a special name for the “smart” devices included in the botnet: “things-bots”. There are more and more “smart” devices, so soon the same irons, pressure cookers and multicookers can join this whole army. Well, then, the device is popular, you can immediately get millions of bots.



Among the identified devices, there are also ARM devices, there is a NAS (D-LINK and Netgear), there is a Dreambox, VU Duo2 Plus, and it seems like even PS3 / Xbox / WII gaming consoles.



Representatives of the company believe that the main reason why it became possible to create this type of botnet is the weak protection of consumer devices from hacking. And even if the manufacturer represents any means of protection, the user either does not pay attention to the need to configure the device, or conducts the wrong setting according to his own understanding, and not according to the instructions. The fact that the password set by the manufacturer needs to be changed, only a few buyers recall.



Via proofpoint