Security firm Incapsula discovers massive botnet, spans 109 countries worldwide

According to a new report from the internet security firm Incapsula, a massive botnet spanning 109 different countries around the world has been tearing its way through SOHO (small office/home office) routers since December of last year.

Set up as a network of devices ready to respond to any DDoS operations its masters might need to launch, the spread of the infection started with the notorious “Spike” malware variant, which has since morphed into what Incapsula refers to as “MrBlack”.

MrBlack works by first infecting the device of a user who has left their router's remote administration credentials at the default setting. We spoke about this issue briefly in the last edition of Decrypt This: consumers keep the username/password combo for their home router as “admin” and “password”, respectively. The botnet seeks out any routers still using these credentials and, after automatically accessing the hub, infects the network and lies in wait for its next command.

“After inspecting a sample of 13,000 malware files, we saw that on average, each compromised router held four variants of MrBlack malware, as well as additional malware files, including Dofloo and Mayday, which are also used for DDoS attacks,” said the report’s author.

For now, the hardest hit by the attack are routers made by the little-known company Ubiquiti. The company is primarily concerned with providing bulk network hub solutions that ISPs can lease out to customers on a month-to-month basis, and its involvement just goes to show that as the router industry moves more toward homogeneity and away from specific innovations, the threat to our information and identities becomes greater than ever before.

Incapsula’s investigation into the source of the problem uncovered that about 85% of the devices affected by the problem reside in either Thailand or Brazil, while 21% of the command-and-control servers are located in the United States. Though there’s no hard evidence to make a connection just yet, Incapsula says there has been an increased amount of chatter in a known Anonymous hangout about the botnet, as well as rumblings on Lizard Squad’s Twitter page about a revival of their older Stresser tool.

“Based on the profile of targets and the attack patterns, we know these compromised routers are being exploited by several groups or individuals. For instance, our analysis also shows that several of these malware variants are reporting to AnonOps IRC channel, indicating that Anonymous [could be] one of the groups responsible for exploiting these under-protected devices,” read the report.

These frayed links have led researchers to believe that even if the two groups aren’t directly involved, they’re still interested in emulating the techniques used by the botnet’s true perpetrator.

We’ll be keeping a close eye on this botnet as more details about its proliferation surface, so stay tuned to Digital Trends for all the latest updates.
