Hacker takes over 29 IoT botnets

For the past few weeks, a threat actor who goes online by the name of “Subby” has taken over the IoT DDoS botnets of 29 other hackers, ZDNet has learned.

The hacker exploited the fact that some botnet operators had used weak or default credentials to secure the backend panels of their command and control (C&C) servers.

In an interview today, Subby said he used a dictionary of usernames and a list of common passwords to brute-force his way into the C&C infrastructure of these 29 botnets –some of which were using very weak user:password combos, such as “root:root”, “admin:admin”, and “oof:oof”.

Image: Ankit Anubhav (supplied)

Botnets built by “skidz”

“It’s obvious as to why this is happening,” Subby said in an interview conducted by Ankit Anubhav, a security researcher at NewSky Security and shared with ZDNet.

“A large percentage of botnet operators are simply following tutorials which have spread around in the community or are accessible on YouTube to set up their botnet,” he said. “When following these tutorials, they do not change the default credentials. If they do change the credentials the password they supply is generally weak and therefore vulnerable to brute forcing.”

What Subby is saying isn’t anything new, at least for the security researchers who’ve been tracking IoT botnets.

Last month, Anubhav also interviewed the author of the Kepler IoT botnet, who admitted to having built the botnet following a tutorial and using random exploits he downloaded from the ExploitDB website.

Most IoT botnets today are built in a similar manner, by hackers, most of who are teenagers without any technical skills. They often forget to change default credentials (as it happened before, in June 2018) or change the IP address of their C&C server (as it happened last week, sending bot traffic into an abyss).

All 29 botnets accounted for a meager 25,000 bots

According to Subby, none of 29 hijacked botnets were particularly large in size. The hacker said that an initial bot count revealed a total of nearly 40,000, but after removing duplicates, the actual count was a meager 25,000 –which is considered low for one IoT botnet alone, let alone 29.

“I was able to get a reliable network traffic graph produced of the traffic generated from all the botnets combined and it was just under 300gbit/s,” Subby said, which is, also, a pretty low traffic output.

Anubhav’s full interview with Subby, which touches on other topics, is available here.

Related malware and cybercrime coverage:

We're A Dallas Digital Marketing Agency That is Experts At Social Media Marketing, Website Design and Emarketing and Promotion.

RECOMMENDED POSTS

5 Ways to Protect Your Business from COVID-19 Phishing Scams

September 21, 2020 No Comments

4 Ways to use AI for Mobile App Personalization

April 14, 2020 No Comments

Appture Digital is full-service, not full price. We provide Web Development, SEO, Videography, Internet Marketing, EMarketing & Social Media Management.

Microsoft discloses security breach that impacted some Outlook accounts

April 13, 2019 No Comments

Marketing Tips You Need

Client Reviews Tell The Tale.

Nicole NoblesApril 18, 2024

Dan was a delight to work with. I needed a few headshots taken for my LinkedIn profile and Dan provided the easiest and most comfortable experience using state-of-the art equipment in a very professional setting. Also, the turn-around time on results was quick and I felt completely engaged and satisfied during the entire process. I highly recommend his services.Donny RitcharoenDecember 19, 2023

I got headshots taken and they turned out so well! The lighting was amazing.Tessa ChanMay 30, 2023

We used Appture to build a lodging website, and they were awesome! Dan went above and beyond to show us the functions and make all of our changes. Appture is our go to for web design from now on!Abigail HaleOctober 26, 2022

Appture knows their business and will go the extra mile for their customers. They do high quality work and provide great ongoing support.Chris McCorkindaleMay 24, 2022

Anita CauthornMay 24, 2022

It’s so rare in these times to find one man with so much wow factor and more rare to find men with similar interest and passion in their life journey as myself . Dan Elliott has been introduced to many in what is now considered as the Terror Dome , a place where many dreams are not deferred they are detoured to routes that lead to dead ends , he comes in full of optimism so infectious that he, maybe with out knowing is energizing those who have ventured where others would fear going with just the right jolt to forge on in the way of helping fallen humanity … His various fields of expertise has helped many in my region and I can only imagine the number he has effected beyond those I know … from day one I knew “ this was a man of kindred spirit “ Dan Elliott is a Gem and adds glimmer to things he touches … I’m a Witness ….and eternally grateful….L.Rashaan RichMay 21, 2022

Dan and his group are highly capable and knowledgeable. They work fast and get the job done. I highly recommend Appture.Justin FrankMarch 26, 2022

They are highly specialized in their work and constantly seek innovation.Ismail YenigulMarch 14, 2022

Dan is a marketing wizard. Honest, Experienced and a read deal. I am blessed to have him in my journey online :) Highly recommended.Sabbir HasanMarch 7, 2022

So much to say. Creative, Intelligent, Talented, Limitless, Affordable. It's amazing what these guys can do.Hack mackMay 17, 2019

We'd used some other agencies before, but man, they simply knocked us all over. After being in business for 30 years, I wonder how much more business we'd be doing if we'd hired them earlier.Rebecca HoneaMay 17, 2019