Security & Fraud

Wanna Crash The Internet? Hackers Are Selling A $7,500 “Canon” To Do Just That

As is often the case with cybercrime, the new will likely get worse before it gets better, as it looks like the massive outages last Friday may well just be a taste of things to come — hackers are now selling access to an army of hacked IoT devices ready and able to DDoS the web at will.

In early October security professionals found that hackers were advertising a huge IoT botnet on the Tor-based Alpha Bay market. (The marketplace name comes care of a Twitter post by F-Secure chief research officer Mikko Hypponen.)

“This is the first time we’ve seen an IoT botnet up for rent or sale, especially one boasting that amount of firepower. It’s definitely a worrying trend seeing the DDoS capabilities grow,” said Daniel Cohen, head of RSA’s FraudAction business unit.

The seller was advertising a terabit of traffic – which would come close to meeting the world record DDoS attack, which hit French hosting provider OVH earlier this month at just over 1 terabit.

And the weapon is not terribly costly — for $4,600, anyone could buy 50,000 bots (hacked computers under the control of hackers), whilst 100,000 cost $7,500.

Cohen cannot confirm that this botnet for hire is connected to Friday’s hack attack.

RSA uncovered a botnet for hire made up of IoT devices like connected cameras and fridges. It could generate an astonishing amount of power, the company warned.



Latest Insights: 

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. The May 2019 AML/KYC Tracker, provides an in-depth examination of current efforts to stop money laundering, fight fraud and improve customer identity authentication in the financial services space.

Click to comment


To Top