IoT home routers used to launch DDoS attack

By on
IoT home routers used to launch DDoS attack

Eight different brands of internet of things home routers were compromised and used to create botnets that launched an application-level distributed-denial-of-service (DDoS) attack against a website's multiple servers.

The application-level DDoS, or Layer 7 HTTPS flood attack, was discovered by security firm Sucuri.

The campaign generated more than 120,000 HTTPS requests per second (RPS) using 47,000 IP addresses, according to a blog post by Securi founder and chief technology officer Daniel Cid.

"While we have seen routers being used maliciously in the past, we have never seen them used at this scale," wrote Cid.

The attack leveraged multiple router providers, including 6,015 router devices manufactured by Huawei (device versions HG8245H, HG658d, and HG531), 2,119 Mikro RouterOS devices, and 245 AirOS router devices manufactured by Ubiquiti Networks.

NuCom 11N Wireless Routers, Dell SonicWall, Vodafone, Netgear, and Cisco-IOS routers were also exploited and used in the attack.

Last week, Level 3 Threat Research Labs and Flashpoint discovered IoT devices targeted by the Lizkebab family of malware (also known as Bashlite, Torlus, or gafgyt) in order to create DDoS botnets.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

What does your business want for Christmas?
Skilled people who'll take Elves' wages
A stocking full of good leads
Please, Santa, drop some cash down the chimney!
All status indicators green like misteltoe, none red like Rudolph's nose
A peaceful, relaxing time for the team and our clients, and all their families
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?