New Botnet Threatens IP Cameras
The botnet’s discovery follows the largest Distributed Denial of Service attack in history involving IoT devices.
The following article originally ran in Campus Safety’s sister publication Security Sales & Integration.
Trend Micro just revealed it has discovered a new botnet called Persirai that is targeting over 1,000 IP camera models.
All 122,069 vulnerable IP cameras can be discovered via the IoT search engine Shodan.
This latest botnet comes after malware known as Mirai enslaved IoT devices last fall in what was the world’s largest ever Distributed Denial of Service (DDoS) attack.
The Persirai botnet works by accessing vulnerable IP cameras by the open port on the user’s router and acting like a server, then performing a command injection to force the camera to connect to a download site which will execute a malicious script shell and install malware onto the camera, roping it into the botnet, according to ZDNet.
This allows the cameras to carry out DDoS attacks against target networks, overloading them and causing massive Internet outages such as the ones that occurred last year.
Persirai’s developers have also reportedly taken the step of blocking the exploit they use in order to prevent other attackers from targeting the camera and keep the infected device to themselves.
This is all possible because of manufacturers releasing IoT devices with default login credentials. This allows for anyone with a list of generic admin names and passwords to look up your IP camera and exploit it.
Keep yourself safe and make sure your internet-connected devices have strong passwords. Trend Micro says users should also disable Universal Plug and Play (UPnP) on their routers to prevent devices within the network from opening ports to the external Internet without any warning.
Below is a diagram by Trend Micro illustrating how the Persirai botnet works.
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!