many of the IOT devices are infecting through world by ROOP OR REAPER.

many of the IOT devices are infecting through world by ROOP OR REAPER.

-by sunilkumar choudari







Researchers discovered a new Botnet called, IoTroop or Reaper, which is rapidly infecting millions of IoT devices across the world.
IoT (Internet of Things) Botnets are internet-connected smart devices that get infected with the same malware and is controlled by attackers from a remote location
Check point researcher who named it as IoTroop said that even though there are some technical aspects to Mirai- which caused a widespread DDoS attack in 2016, this is an entirely new and sophisticated campaign which can create far more potential damage than Mirai.
Check Point’s Intrusion Prevention System (IPS) first noticed it in September when there was an increasing number of attempts to exploit a combination of vulnerabilities found in various IoT devices by hackers.
The malware has already infected one million IoT devices and is evolving day by day targeting vulnerabilities found in devices such as wireless IP camera, routers, and others.




Source: Check Point
The attempted attacks were seen from many different sources and a variety of IoT devices which means the attack was being spread by the IoT devices itself.
“Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come and It is too early to assess the intentions of the threat actors behind it, but it is vital to have the proper preparations and defense mechanisms in place before an .
attack strikes” according to the Checkpoint report

Researchers from secruity from new lab360  which chooses to call the Botnet as Reaper said that it has borrowed some codes from Mirai but is different from Mirai in several key behaviors.
When Comparing with Mirai the Reaper (or IoTroop) Botnet borrows some codes and does not crack any weak password, but just exploit IoT device vulnerabilities and that is why the so-called name!
A LUA execution environment is integrated with the malware to carry out more complex attacks and as the scanning behavior is not aggressive, it can stay under the radar.
Both netlab and checkpoint has published security advisories for Reaper ( or IoTroop). Users are strictly advised to find links to patches available for their device and update it.



0