A family of malware has infected more than 1 million internet-enabled devices for potential use as a botnet for hire.
According to a Level 3 Threat Research and Flashpoint report, hacker groups like Lizard Squad and Poodle Corp harness the devices to provide “distributed denial of service attacks as a service” to individuals—or for their own plans.
The malware goes by many names—Lizkebab, BASHLITE, Torlus and gafgyt—and has spawned many variants since its source code popped up in early 2015, the report said. Security cameras and DVRs make up the bulk of the bots.
Researchers identified more than 200 command and control servers that communicate with a varying number of bots with the largest talking to 120,000.
The report warned IoT manufacturers need to take security more seriously and that hackers will continue to target devices with weak security.
“Before spending more energy on traditional bot hosts, they’ll take advantage of the abundance of insecure IoT devices. Until IoT device manufacturers start attending to security and device owners stop connecting them insecurely to the internet, we can expect this trend to continue,” the report said.