Even before the term IoT was coined, we had the routers at the gateway, most of the time publicly exposed on the internet. In the context of the IoT, the router is perhaps the most important device for the whole infrastructure. All traffic goes through it and it allows for the provision of many services, such as Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), content filtering, firewalls, and Voice over Internet Protocol (VoIP), to all connected devices, including computers, smartphones, and IP cameras. If an attacker is able to compromise the router, every device connected to it can be affected. And that’s what a hacking group in Brazil just did.Read More
If there is anything to be learned from the massive attacks that have been seen on connected devices, it is that the internet of things (IoT) is riddled with vulnerabilities. We have seen this time and again with how botnets are created from system weaknesses and have harnessed poor basic security to disrupt many devices and services.
In the past year, we embarked on a closer look at the security of IoT devices around the world. We chose devices that are available in different Amazon regions and are widely used in the Japan market, and tried to find out whether remote code execution (RCE) is possible. What we ended up finding out was more than that.Read More
Our network monitoring system recently detected an enormous amount of Mirai-like scanning activity from China. From 1:00 p.m. UTC on March 31 to 12:00 a.m. UTC on April 3, our team detected an influx of activity coming from 3,423 IP addresses of scanners. Brazil appeared to be the target location of the scanning of networked devices, including routers and IP cameras.Read More
Early this month we discussed a new Internet of Things (IoT) botnet called Persirai (detected by Trend Micro as ELF_PERSIRAI.A), which targets over 1000 Internet Protocol (IP) camera models. Currently, through Shodan and our own research, we see that 64% of tracked IP cameras with custom http servers are infected with Persirai. But, because these cameras are such common targets, there is some competition between malware.Read More
A new Internet of Things (IoT) botnet called Persirai has been discovered targeting over 1,000 Internet Protocol (IP) Camera models based on various Original Equipment Manufacturer (OEM) products. This development comes on the heels of Mirai—an open-source backdoor malware that caused some of the most notable incidents of 2016 via Distributed Denial-of-Service (DDoS) attacks that compromised IoT devices such as Digital Video Recorders (DVRs) and CCTV cameras—as well as the Hajime botnet.Read More