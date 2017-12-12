A massive new IoT botnet dubbed Satori has emerged, which security researchers fear, can launch crippling attacks at any time. A

According to the International Business Times the botnet has already infected more than 280,000 IP addresses in just 12 hours, enslaving hundreds of thousands of home routers by exploiting a recently discovered zero-day vulnerability.

Satori which means “awakening” in Japanese, is actually the Mirai botnet's successor.

According to a new report by security researchers at Qihoo 360 Netlab, the Satori botnet can propagate rapidly by itself, which essentially makes it an IoT worm. Bleeping Computer reported that instead of using a scanner to search for vulnerable routers, the botnet uses two exploits that attempt to connect with devices on ports 37215 and 52869.

By reportedly abusing the zero-day vulnerability in Huawei Home Gateway routers, Satori was able to infect even routers secured with strong passwords. Apparently the Satori botnet's operators could launch an Internet-crippling DDoS attack at any time. At the moment, security researchers appear to be still gathering more information about the botnet by tracking its activities, in efforts to block any new control channels it may leverage.

Dale Drew, chief security strategist at CenturyLink, told ArsTechnica: "The scary story is we have botnet operators desperately trying to get access to nodes numbered in the hundreds of thousands if not millions. We've always said it takes a village to protect the Internet. When we find a bad guy we're getting that information sinkholed and blocked much more quickly."

This article originally appeared at scmagazineuk.com