Hackers are now avid to add IoT devices to their botnets, in order to do that they are increasingly adding vulnerability exploitation to their cyber attack arsenal.
Gone are the days when they were just relying on a list of common or default passwords or brute-forcing attacks. Nowadays everything counts, because IoT devices are rarely updated and manufacturers take a lot of time to push out fixes for known flaws, hackers are relying on those old exploits to enslave as many devices as they can.
Currently exploitable vulnerabilities:
• CVE-2014-8361, an RCE that affects the miniigd SOAP service in Realtek SDK, publicly disclosed in April of 2015
• CVE-2015-2051, an RCE affecting D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier
• CVE-2017-17215, a vulnerability in Huawei’s HG532e home gateway disclosed and patched in December 2017.
• CVE-2018-10561, an authentication bypass flaw affecting Dasan GPON home routers.
The vulnerabilities are being exploited by various attackers to deliver several Mirai variants like Satori, or JenX
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Based on the data collected from the cyberattacks, researchers discovered that it takes less than one day before a new set up IoT device is hit with vulnerability exploitation attempts, and less than 5 minutes before login attempts using default IoT credentials are directed at it.
Also noticed was the fact that there is a quick turnaround time from when a vulnerability is made public to when botnet authors integrate them into their botnet.
On the cyberspace there is a mixture of new and older IoT related vulnerabilities that are coming în a constant stream, researchers say.
This thing happens to two main reasons:
First, IoT devices can sit on a shelf for weeks on end before being purchased. If a security update is released for the device, it won’t be applied to these devices until the software is updated. Thus, leaving the device vulnerable out of the box.
Second, IoT devices receive patches at a very slow rate, because many times these devices are viewed as ‘set and forget’ type of devices.
In conclusion: the trend of IoT vulnerability exploitation will continue in the coming year for sure, thanks to an easy to update botnet source code that can be used to add new exploits.
Keep in mind that our modern society is dependent on computers, mobile devices, and the use of the internet always stay safe and secured.
We would continue to monitor the cybersecurity world. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.