31478 Industrial Road Suite 200, Livonia, Michigan 48150 sales@xfer.com

XFER Blog

XFER Blog

XFER has been serving the Livonia area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The RSOCKS Botnet Shows the Dangers of Unsecured IoT

The RSOCKS Botnet Shows the Dangers of Unsecured IoT

Botnets are nefarious entities consisting of countless connected devices, all of which have been infected by hackers to perform malicious deeds. One such botnet, a Russian botnet consisting of millions of infected Internet of Things devices, has been dismantled and taken down by the United States Department of Justice and various law enforcement agencies throughout Germany, the United Kingdom, and the Netherlands.

The RSOCKS Botnet

The RSOCKS botnet was responsible for hacking into countless computers and other connected devices all over the globe, according to the Department of Justice. This particular botnet was operating as a proxy service. While it advertised selling legitimate IP addresses through an Internet service provider, or ISP, it was instead offering IP addresses assigned to devices hacked through the botnet. The purpose of this service was for hackers to conceal their IP addresses from law enforcement while they launched attacks against authentication portals.

In other words, hackers were using these hacked IP addresses to conceal their activity while they launched attack after attack against authentication platforms. The Department of Justice reports: “It is believed that the users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages.”

What Happened to RSOCKS?

The FBI has since seized control over RSOCKS’ website, where users could purchase IP addresses. The price points for these services ranged from $30 per day for 2,000 proxies to $200 per day for 9,000 proxies. If a user committed to making the purchase, they could download their list of IP addresses and ports, which they could then use to route traffic through the cracked devices to obscure their true identity. The botnet was first built using infected IoT devices, but it later took advantage of Android and other types of computers, too.

When services like this are so affordable, even to the layman hacker, you cannot afford to not take them seriously.

What Can Be Done?

This type of threat shows the security shortcomings of Internet of Things devices, something which your business needs to be well aware of if it is to successfully protect itself from threats such as this. The reason behind why Internet of Things devices were chosen as outlets for these attacks is that many are distributed with their default passwords, easily allowing hackers to bypass their security features and take advantage of them. If you do utilize IoT devices, you should use the same security standards that you would use for other, more advanced devices, like more strict password policies or dedicated networks specifically partitioned off for IoT devices.

XFER can help you take all the appropriate measures needed to secure your business. To learn more about what we can do for your organization, reach out to us at 734-927-6666 / 800-GET-XFER.

A Look Back at Q1 2022’s Worst Data Breaches
Zero-Trust Policies Can Keep Your Business Secure
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Sunday, 22 December 2024

Captcha Image

Customer Login


Cybersecurity Risk Assessment

cybersecurity-audit

Our risk assessment will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.

Request Yours Today!

Contact Us

Learn more about what XFER can do for your business.

XFER Communications, Inc.
31478 Industrial Road Suite 200
Livonia, Michigan 48150