A new cyber threat targeting Internet-connected devices is spreading rapidly and could enable hackers to identify vulnerabilities and access users’ data or use their devices for criminal activities.
The Maharashtra Cyber Department is in the process of issuing a state-wide advisory outlining steps to prevent potential targets from falling prey after the New Delhi-based Computer Emergency Response Team (CERT) said it has received intelligence inputs about a massive cyber attack on several countries, including India. The CERT is the country’s central cybersecurity agency.
Malware Reaper is acquiring internet-connected devices, including WiFi routers, CCTV cameras and digital video recorders, for a coordinated attack, said state cyber police on Thursday. Reaper, the malware that is taking over millions of devices around the world, is a highly evolved and advanced malware.
The threat, which resembles last year’s widespread Dyn attack, one of the largest DDoS (distributed denial-of-service) attacks so far, has reportedly infected nearly two million devices around the world. It is gathering bots and taking over 10,000 devices connected to the internet per day. The number is “actively growing”. “As the threat continues to grow, it could cause devastating effects through DDOS attacks as seen in the Dyn incident.” Last October, a large scale DDoS attack hit United-States-based Domain Name Services (DNS) service provider Dyn, taking out many popular websites including Twitter, Netflix and PayPal.
In July 2016, small and medium Internet Service Providers were under attack from unknown parties, who were pinging their servers incessantly to the point where the servers crashed, denying service to their clients and causing loss of revenue.
Drawing a comparison to the Mirai malware that took over five lakh machines last year, Inspector General of Police Brijesh Singh, Maharashtra Cyber, said, “Mirai was programmed to only hack devices with a certain kind of vulnerability. Reaper is capable of identifying vulnerabilities in devices and coming up with ways to penetrate them based on these, which makes it much more dangerous.”
According to sources, the imminent DDOS attack, which is believed to be on a much larger scale, is being readied using malware known by two names, Reaper and IoTroop.