Kaspersky researchers have recently discovered a concerning trend on the dark web, where over 700 advertisements are offering Distributed Denial of Service (DDoS) attacks through Internet of Things (IoT) devices [1] [2]. This poses a significant threat to cybersecurity.
Description
These advertisements on the dark web offer a range of DDoS attack services using IoT devices, with prices ranging from $20 per day to $10,000 per month [1] [2] [3] [4]. On average, these attacks cost $63.50 per day or $1350 per month [2]. The dark web is also a hotbed for exploits targeting zero-day vulnerabilities in IoT devices [1] [2], as well as bundled IoT malware [2].
To counter rival malware [2], cyber-criminals are implementing tactics such as firewall rules and disabling remote device management [2]. The primary method of infecting IoT devices is through brute-force attacks on weak passwords, particularly on the unencrypted Telnet protocol [1] [2]. China [1] [2] [3] [4], India [1] [2] [3] [4], and the United States are the main sources of these attacks [1] [2].
There has been a significant increase in attacks on IoT devices, with a notable expansion of IoT malware services on the dark web [5]. It is projected that the number of IoT devices worldwide will exceed 29 billion by 2030. Hackers commonly use brute force attacks on the Telnet protocol and exploit vulnerabilities in IoT web interfaces to compromise these devices and turn them into botnets.
Researchers have also discovered a growing presence of IoT malware [5], including DDoS botnets [5], ransomware [5], miners [5], proxy bots [5], and DNS settings changers [5]. Many of these malware variants are linked to the infamous Mirai botnet. Additionally, the dark web offers services for DDoS attacks and exploits for zero-day vulnerabilities in IoT devices [5].
Conclusion
These findings highlight the urgent need for enhanced cybersecurity measures and proactive protection for IoT devices. It is crucial for both consumer and industrial IoT devices to have enhanced cybersecurity. Vendors must prioritize product security and actively protect users [2]. Measures such as changing default passwords, regularly releasing patches to address vulnerabilities, and taking a responsible and proactive approach to IoT security are essential to safeguard users. The implications of these threats are significant, and it is crucial to address them promptly to ensure the security of IoT devices and the protection of users’ data.
References
[1] https://www.infosecurity-magazine.com/news/700-dark-web-ads-offer-ddos/
[2] https://gillettnews.com/news/the-dark-web-a-hub-for-iot-exploits-and-ddos-attacks/124987/
[3] https://cybersecurity-see.com/over-700-dark-web-ads-offer-ddos-attacks-using-iot-by-2023/
[4] https://vmblog.com/archive/2023/09/22/kaspersky-releases-overview-of-iot-related-threats-in-2023.aspx
[5] https://www.techzine.eu/news/security/111571/kaspersky-hackers-increasingly-active-in-iot-device-market/
