Security firm Incapsula discovers massive botnet, spans 109 countries worldwide

best cable modems internet router
According to a new report from the internet security firm Incapsula, a massive botnet spanning 109 different countries around the world has been tearing its way through SOHO (small office/home office) routers since December of last year.

Set up as a network of devices ready to respond to any DDoS operations its masters might need to launch, the spread of the infection started with the notorious “Spike” malware variant, which has since morphed into what Incapsula refers to as “MrBlack”.

MrBlack is a tool which works by first infecting the device of a user who has left their router security credentials as the default option for remote administration. We spoke about this issue briefly in the last edition of Decrypt This, wherein consumers will keep the username/password combo to get into their home router as “admin” and “password”, respectively. The botnet seeks out any routers tagged with these credentials, and after automatically accessing the hub, will infect the network and lie in wait for its next command.

“After inspecting a sample of 13,000 malware files, we saw that on average, each compromised router held four variants of MrBlack malware, as well as additional malware files, including Dofloo and Mayday, which are also used for DDoS attacks,” said the report’s author.

For now, the hardest hit by the attack are routers made by the little-known company Ubiquiti. The company is primarily concerned with providing bulk network hub solutions that ISPs can lease out to customers on a month-to-month basis, and its involvement just goes to show that as the router industry moves more toward homogeneity and away from specific innovations, the threat to our information and identities becomes greater than ever before.

Incapsula’s investigation into the source of the problem uncovered that about 85% of the devices affected by the problem reside in either Thailand or Brazil, while 21% of the command-and-control servers are located in the United States. Though there’s no hard evidence to make a connection just yet, Incapsula says there has been an increased amount of chatter in a known Anonymous hangout about the botnet, as well as rumblings on Lizard Squad’s Twitter page about a revival of their older Stresser tool.

“Based on the profile of targets and the attack patterns, we know these compromised routers are being exploited by several groups or individuals. For instance, our analysis also shows that several of these malware variants are reporting to AnonOps IRC channel, indicating that Anonymous [could be] one of the groups responsible for exploiting these under-protected devices,” read the report.

These frayed links have leads researchers to believe that even if the two groups aren’t directly involved, they’re still interested in emulating the techniques used by its true perpetrator.

We’ll be keeping a close eye on this botnet as more details about its proliferation surface, so stay tuned to Digital Trends for all the latest updates.


Microsoft reveals details of Surface Hub 2S, coming in June at $9,000

The Surface Hub 2 could be the most expensive whiteboard ever made, but it should be a powerful and capable one. With the ability to connect several of the 50-inch displays together, the picture at least, should be gorgeous.
Movies & TV

The best shows on Netflix right now (April 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Samsung Galaxy S10 update gives manual control of Bright Night mode

Samsung 2019 flagship smartphone lineup is here, and there aren't just two phones as usual — there are four. There's the Galaxy S10, S10 Plus, as well as a new entry called the S10e, as well as the Galaxy S10 5G.

The Department of Justice may prevent the T-Mobile-Sprint merger

T-Mobile and Sprint are getting closer to merging. After a few failed attempts, the two companies announced their merger at the start of 2018. The new T-Mobile could be better positioned to take on the likes of Verizon and AT&T.

Former student uses USB Killer device to fry $58,000 worth of college’s PCs

A former student used a USB Killer device to short circuit more than $58,000 of computers at a private New York college earlier this year. The student pled guilty to the charges and sentencing is scheduled to begin in August.

AMD Ryzen CPU prices get slashed ahead of Ryzen 3000 release

AMD's Ryzen CPUs have had their prices slashed as we edge towards the release of their third generation. Whether you're a gamer or someone who needs multi-threaded performance, there's a deal for everyone with some heavy discounts to take…

The number pad on HP’s Chromebook 15 makes spreadsheet work a breeze

HP's Chromebook 15 comes with a 15.6-inch display, a metal keyboard deck with full-size keys, and a dedicated number pad, making it the second Chromebook model, following Acer's Chromebook 715, to be suited for spreadsheet work.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.

Here's how you can download the best free music players for your Mac

Tired of your Mac's default music player? Take a look at our picks for the best free music players available for your Apple rig. Whether you're a casual listener or an audiophile, you're sure to find something that fits your needs here.

Want to make calls across the internet for less? Try these great VOIP services

Voice over IP services are getting more and more popular, but there are still a few that stand above the pack. In this guide, we'll give you a few options for the best VOIP services for home and business users.

Transform into the ultimate leader with our tips and tricks for Civilization 6

Civilization VI offers both series veterans and total newcomers a lot to chew on from the get-go. Here are some essential starting tips to help you master the game's many intricacies.

AMD’s 2020 Ryzen CPUs could have a big boost in power efficiency

The sequel to AMD's Zen 2-based Ryzen 3000 CPUs is slated for a 2020 release and when it arrives, could leverage the new Zen 3 architecture to deliver impressive gains to performance and power efficiency.

The iPhone’s Screen Time and Siri Shortcuts could land on Macs this year

For its desktop computers, it appears that Apple may continue to draw from the iPhone for inspiration. iOS 12 features, like Screen Time and Siri Shortcuts, are believed to be making their way to MacOS this year at WWDC in June.