IoT home routers used to launch application-level DDoS attack

By
IoT home routers used to launch application-level DDoS attack

Eight brands of IoT home routers were compromised and used to create botnets that launched an application- against a website's multiple servers.

Eight different brands of Internet of Things (IoT) home routers were compromised and used to create botnets that launched an application-level distributed-denial-of-service (DDoS) attack against a website's multiple servers.

The application-level DDoS, or Layer 7 HTTPS flood attack, was discovered by security firm Sucuri.

The campaign generated more than 120,000 HTTPS requests per second (RPS) using 47,000 IP addresses, according to a blog post by Securi founder and CTO Daniel Cid. “While we have seen routers being used maliciously in the past, we have never seen them used at this scale,” wrote Cid.

The attack leveraged multiple router providers, including 6,015 router devices manufactured by Huawei Enterprise routers (device versions HG8245H, HG658d, and HG531), 2,119 Mikro RouterOS devices, and 245 AirOS router devices manufactured by Ubiquiti Networks.


NuCom 11N Wireless Routers, Dell SonicWalls, VodaFone, Netgear, and Cisco-IOS routers were also were exploited and used in the attack.

Last week, Level 3 Threat Research Labs and Flashpoint discovered IoT devices targeted by the Lizkebab family of malware (also known as Bashlite, Torlus, or gafgyt) in order to create DDoS botnets.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

Upgrading to Windows 10 is still free, if you use this loophole

Upgrading to Windows 10 is still free, if you use this loophole

What's new in iOS 11?

What's new in iOS 11?

Skylake-X and Kaby Lake X: The Core Wars

Skylake-X and Kaby Lake X: The Core Wars

Review: ReMarkable tablet

Review: ReMarkable tablet