the Mirai botnet last year. Those attacks – the biggest yet seen on the internet – hijacked smart devices such as CCTV and video cameras and used them to launch DDoS attacks against targeted organizations including cyber journalist Brian Krebs, the French web hosting firm OVH, and the internet provider Dyn. The last attack had knock-on consequences felt across the web as some popular sites such as Reddit, SoundCloud, Spotify, and Twitter were knocked offline.
Reaper reuses some of the Mirai code and shares some operational similarities with it. They target IoT devices, enlist them into their botnet army, and both are technically considered computer worms as they automatically spread from one device to another.
But there are distinct differences. Reaper has taken a more sophisticated approach to finding victims than Mirai, hunting for nine vulnerabilities in a range of consumer and business-focused IoT devices. About half of these vulnerabilities are fairly new, giving Reaper a wide-open window of opportunity to exploit. Mirai primarily harnessed default user names and password combinations hardwired into devices – a common feature in older, first-generation smart devices.
So far, Reaper has also been far more discrete than Mirai as it searches for vulnerable devices. Whether accidental or by design, this has allowed Reaper to have a lower profile as it expands its reach. The big question mark is what it will do with the devices and networks that it is adding to its botnet army – will there be a new wave of DDoS attacks or will this army do something else like distributing spam or malware?
If and when Reaper goes ballistic and tries to blow up the internet; SafeThings™ is already prepared to protect networks, smart homes, and the smart devices in these networks.
SafeThings™ is the new gateway security platform from Avira. Powered by our advanced AI and machine learning techniques, it automatically enforces a security and privacy umbrella at the gateway after identifying smart devices in the house and determining normal behavior patterns. It can run completely autonomously while still giving the end users a transparent look at their home network activities. Installed on top of existing infrastructure (router or at the internet gateway) by the provider, Avira SafeThings™ frees the end user from DIY installation headaches and the need to buy additional hardware.
Altogether, these three steps considerably reduce the attack surface within a network or a smart home – a very critical strategy feature for smart device botnets. And with Avira SafeThings™ these steps can be done automatically, without requiring the end user to do anything to secure their smart home.