Could Botnet Play Hide ‘N Seek With Agency IoT Devices? – MeriTalk
The Hide ‘N Seek (HNS) Internet of Things (IoT) botnet, which initially targeted home routers, IP cameras, and video recorders, has been expanded by cybercriminals to target two NoSQL database servers, making it a cross-platform botnet.
Discovered in January by researchers from the antivirus firm Bitdefender, Hide ‘N Seek uses custom-built peer-to-peer (P2P) communications techniques to exploit victims and to also build its infrastructure, according to company researchers.
HNS initially targeted IP addresses on ports 80 (HTTP), 8080 (HTTP) and 23 (Telnet), but was tweaked to include remote code execution exploits to target NoSQL databases Apache CouchDB (port 5984) and OrientDB (port 2480) quite possibly for cryptocurrency mining, according to security researchers at Netlab.