18000 routers taken hostage in less than a day
How long does it take to build a botnet? Some might think a couple of days, maybe a week, perhaps even a month. But this couldn’t be further from the truth: according to NewSky Security it took merely a day for the latest botnet to be built.
An old vulnerability for a new botnet
Apparently a clever and well-known malware writer going by the pseudonym “Anarchy” created the latest botnet. By exploiting a Huawei HG532 router vulnerability, he managed to gather 18,000 routers in less than 24 hours, an enormous number for such a short period. According to what the researchers told Bleeping Computer, he also plans to use a similar Realtek router vulnerability to add even more drones to his botnet.
Just in: IoT hacker identifying himself as "Anarchy" has claimed to hack about 18000+ Huawei routers. The vulnerability is 2017-17215, leaked last Christmas & used in satori
— Ankit Anubhav (@ankit_anubhav) July 18, 2018
The crazy part is: All those exploits are already well known and documented. They both attack open ports in routers, in this case port 37215 on the Huawei ones, and port 52869 on the Realtek devices.
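Defenders can look for this activity in their perimeter logs. The following is an added example, not part of the original article: it counts WAN-side TCP connection attempts to the two ports named above in netfilter-style LOG lines. The log format, the interface name `eth0`, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Ports named in the article. TCP is an assumption; the article gives only numbers.
WATCHED_PORTS = {37215: "Huawei", 52869: "Realtek"}

# Pulls the key=value fields we need out of a netfilter-style LOG line.
FIELD_RE = re.compile(r"\b(IN|SRC|DST|PROTO|DPT)=(\S*)")

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
Jul 18 10:01:02 gw kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 PROTO=TCP SPT=44321 DPT=37215 SYN
Jul 18 10:01:03 gw kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.11 PROTO=TCP SPT=44322 DPT=37215 SYN
Jul 18 10:01:04 gw kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 PROTO=TCP SPT=44323 DPT=52869 SYN
Jul 18 10:02:10 gw kernel: IN=eth0 OUT= SRC=192.0.2.77 DST=198.51.100.10 PROTO=TCP SPT=51000 DPT=443 SYN
Jul 18 10:02:30 gw kernel: IN=br0 OUT= SRC=192.168.1.20 DST=192.168.1.1 PROTO=TCP SPT=40000 DPT=37215 SYN
Jul 18 10:03:00 gw kernel: IN=eth0 OUT= SRC=192.0.2.9 DST=198.51.100.10 PROTO=TCP SPT=60001 DPT=52869 SYN
Jul 18 10:03:05 gw kernel: IN=eth0 OUT= SRC=192.0.2.50 DST=198.51.100.10 PROTO=TCP SPT=5000 DPT=
"""


def probes(log_text, wan_iface="eth0"):
    """Map source IP -> watched port -> set of destinations, WAN-side TCP only."""
    hits = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        f = dict(FIELD_RE.findall(line))
        if f.get("IN") != wan_iface or f.get("PROTO") != "TCP":
            continue  # LAN-side or non-TCP traffic is out of scope here
        try:
            port = int(f.get("DPT", ""))
        except ValueError:
            continue  # truncated or malformed line
        if port in WATCHED_PORTS and f.get("SRC") and f.get("DST"):
            hits[f["SRC"]][port].add(f["DST"])
    return hits


def report(hits):
    """Flatten to sorted (source, port, device family, distinct destinations) rows."""
    return [(src, port, WATCHED_PORTS[port], len(dsts))
            for src, ports in sorted(hits.items())
            for port, dsts in sorted(ports.items())]


if __name__ == "__main__":
    for src, port, family, count in report(probes(SAMPLE_LOG)):
        print(f"{src} -> tcp/{port} ({family}): {count} destination(s)")
```

A source that hits several destinations on one of these ports is more likely sweeping an address range than misdialing a single host.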
What is the cybercriminal up to?
Right now it is unclear what Anarchy wants to do with the botnet, but with enough routers in it he can definitely wreak havoc, for example with DDoS attacks.
With enough devices in it, the culprit can attack an internet server and take it down. This makes it unavailable to its users and can lead to serious financial loss for the company or individual being attacked. Some botnets even go so far as to offer a service that lets others take down websites, services, or servers of their choosing.