The Council on Foreign Relations, a non-profit US-based think tank, ended 2018 with a report arguing that we need to work towards an internet with zero botnets. Yes, botnets, those malicious powerhouses that each comprise anywhere from thousands to millions of enslaved devices. In defence of the Council on Foreign Relations, they never said it would be easy; they just said it’s what needs to happen because botnets are the bane of the internet. They are correct.
The history of botnets and their associated attacks and other malicious accomplishments like DDoS, spam and cryptojacking is long and storied, since botnets have been at it for decades. However, there isn’t much point in looking to the past when the current botnet situation is so scary.
Here are three pieces of bad news you need to know about botnets.
A scary-smart malware is building a botnet and no one knows what it’s for
If there’s one thing a botnet loves, it’s IoT devices. With the huge number of IoT devices connected to the internet – currently estimated to be somewhere around seven or eight billion – and their typically lax security, they’re ripe for the picking for botnet malware designed to guess default usernames and passwords. Now, unfortunately, it would seem they’re also ripe for the picking for a scarily brilliant botnet malware armed with over 100 variants of its payload, a range of commands designed to ensure payload delivery, and the capability of infecting between 15 and 20 IoT architectures. Forget about wiping this malware by rebooting the device, too, because it has seven different methods of persistence, all in use at once.
Beyond being a major step up in what botnet malware is capable of, not much is known about the so-called

