Default Passwords Aid Satori IoT Botnet Attacks – Infosecurity Magazine
Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.
Researchers at Netlab 360 detected a surge in malicious activity scanning and infecting several IoT devices, attempting to make them part of Satori, a variant of the Mirai botnet that is used to take down websites and mine digital coins. Experts point to lack of oversight in IoT and the cursed default usernames and passwords as the reason why hackers are leveraging this critical vulnerability in D-Link DSL routers.
While Mirai was rampant two years ago, Satori was first discovered in late 2017 infecting more than 260,000 home routers within 12 hours, according to a 15 June post from Netlab 360. Researchers recently noted that the Satori author released a worm, targeting for D-Link DSL-2750B devices. In this latest uptick of malicious activity, this Satori variant has been taking advantage of recently discovered device exploits. It also carries distributed denial-of-service (DDoS) capabilities and has been reported to have launched several DDoS attacks, according to a report from Radware.