
Death Botnet

By GoldSparrow in Malware

The Death Botnet is a network of devices made by AVTech that have been compromised by criminals. Botnets, in general, are made up of large numbers of infected computers that an attacker can control to carry out coordinated attacks and a variety of harmful operations that benefit from having large numbers of infected computers at one's disposal. The Death Botnet is made up mostly of hardware produced by AVTech, a company that produces a wide variety of devices, including routers and cameras. Criminals have found an old vulnerability in these devices' firmware and used it to gain access to devices that have not received the latest security patch. Using this vulnerability, the criminals can write commands into the password field on the devices' login Web page, allowing them to take control of the devices and use them to run corrupted code.

How the Death Botnet is Implemented

Most devices created by AVTech have network connectivity and can be accessed from the Web. The criminals associated with the Death Botnet can scan a targeted server in search of access to hardware associated with AVTech. They will then take advantage of the vulnerability to install harmful software. A firmware update for these devices that prevents the criminals responsible for the Death Botnet from exploiting this vulnerability was released in 2016. Even so, most users of this hardware have not applied the patch, leaving their devices vulnerable to becoming part of the Death Botnet. When the criminals find a device connected to the Internet, they enter certain strings into the password field that allow them to install the Death Botnet on the device. This adds a new user account to the device and allows the criminals to issue commands to the devices, which may include a wide variety of hardware such as sensors and cameras.

Some Details about the Death Botnet Attack

Once the new user account has been created on the targeted device, the attackers can access the device and install the Death Botnet's malware. The user account that allows for the installation of this unsafe program exists for only a few minutes and is then deleted to prevent the victim from realizing what has happened. The devices that are part of the Death Botnet can be used for a vast variety of attacks. For example, this botnet may be rented out to carry out DDoS (Distributed Denial of Service) attacks. These attacks leverage the power of numerous infected devices to overload a website or server with requests, forcing it to shut down or slow down considerably. It is also possible to use the Death Botnet to become anonymous online, to store corrupted data, or as a source for other malware attacks (providing a server from which malware can be downloaded). Botnets like the Death Botnet can also be used to send out massive quantities of spam email or instant messages.
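The short-lived account described above is a behavior a defender can look for in a device's account audit trail. The following Python sketch is an added example, not code from the original article or from AVTech: the log format, the event names (user_add, user_del), the sample lines, and the 10-minute threshold are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample audit lines in a hypothetical
# "<ISO time> <event> name=<user>" format (not a real AVTech log format).
SAMPLE_LOG = """\
2018-10-01T09:00:00Z user_add name=operator
2018-10-01T12:00:05Z user_add name=tmp01
2018-10-01T12:03:40Z user_del name=tmp01
2018-10-02T08:00:00Z user_add name=guest
2018-10-09T08:00:00Z user_del name=guest
2018-10-10T10:00:00Z user_del name=ghost
"""

def parse_line(line):
    """Return (timestamp, event, user), or None for lines that do not match."""
    parts = line.split()
    if len(parts) != 3 or not parts[2].startswith("name="):
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, parts[1], parts[2][len("name="):]

def short_lived_accounts(log_text, max_lifetime=timedelta(minutes=10)):
    """Find accounts deleted within max_lifetime of their creation.

    Returns a list of (user, created, deleted) tuples in log order.
    The 10-minute default is an assumed reading of "a few minutes".
    """
    created = {}   # user -> creation time of the currently open account
    findings = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, event, user = parsed
        if event == "user_add":
            created[user] = ts
        elif event == "user_del":
            start = created.pop(user, None)
            # A deletion with no recorded creation cannot be timed; skip it.
            if start is not None and timedelta(0) <= ts - start <= max_lifetime:
                findings.append((user, start, ts))
    return findings

if __name__ == "__main__":
    for user, start, end in short_lived_accounts(SAMPLE_LOG):
        print(f"short-lived account {user}: {start} -> {end} ({end - start})")
```

Because the account is removed after a few minutes, this check only works if account events are forwarded off the device or retained long enough to be reviewed.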

Protecting Your Devices from the Death Botnet

It is important to realize that the exploit used to deploy the Death Botnet is two years old. Because of this, users in charge of an AVTech device should ensure that their firmware is completely up to date. Although PC security researchers have spotted the Death Botnet, and it is clear that numerous devices are part of this large network of infected devices, it is still unclear which attacks, if any, the Death Botnet has been involved in. Therefore, it is more important than ever that computer users using these devices take steps to ensure that they are safe and protected. Since the Death Botnet includes a large number of surveillance devices, such as cameras and monitors, it has the potential for espionage and for particularly threatening real-world applications.
