The malware , in all its variants, is not the only threat on the Internet. In this case, we have to talk about botnets, computer networks or infected devices to carry out large-scale coordinated attacks. In fact, researchers from a prestigious security firm have just discovered a new botnet of IoT devices that has characteristics and capabilities far superior to the bot networks and IoT malware known to date. It’s called Dark Nexus and they are already selling DDoS attacks for 20 euros.
A botnet is a set or network of computer robots or bots, which run autonomously and automatically, being controlled remotely. One of its habitual uses is to carry out distributed denial of service (DDoS) attacks , but they are also used for sending SPAM, for cryptocurrency mining or for the theft of this type of “currency”. The computers or devices that are part of the botnet are known as “bots” or “zombies”.
Dark Nexus, worse than Qbot and Mirai?
Bitdefender researchers have just discovered a new botnet that is already known as Dark Nexus and that reuses part of the code from other known botnets, such as Qbot and Mirai, albeit with many changes and innovations. As he explains, this botnet only spreads through brute force attacks directed at the Telnet protocol and it has a dictionary of no more than 50 credentials, most of which are predetermined by the manufacturers: root / 1234, default / default , admin / 4321, etc.
At the time it was discovered, it did not have many devices , but researchers believe it can cause significant damage. Furthermore, they confirm that the majority are physically in China, Korea and Thailand, but that the botnet has the ability to hijack Internet of Things devices worldwide.
Its creation is attributed to the Greek Helios, a well-known botnet author who markets services related to DDoS attacks and botnet codes, although it is not confirmed. At the moment, no DDoS attack has been documented with this botnet, but videos have been found on YouTube in which the 40-minute attacks are sold for 20 euros and those with unlimited access for 90 euros.
Bitdefender explains that the attacks it can carry out could be similar to those of Mirai in 2016, which managed to knock down the websites of companies such as Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times in the United States.
