Mar 28, 2024 | Updated: 11:35 AM EDT

BrickerBot.3 Makes 1,295 Permanent Denial-Of-Service Attacks In 15 Hours

Apr 27, 2017 05:18 AM EDT

On April 20, a researcher noticed the appearance from out of nowhere of the BrickerBot.3. The newest permanent denial-of-service botnet attacked 1,295 times in 15 hours. The creator used a modified attack script which added several commands designed to provide more shock and awe the targets of its attacks.

BrickerBot.1, which first surfaced on March 20, made 1,895 attack in four days when it was active. BrickerBot.2 makes 12 attacks daily. It is still active, Ars Technica reports. According to Paul Geenens, the researcher who was the first to document the permanent denial-of-service botnet, says there is no correlation between the gadgets used in the previous attack as compared to the current attack.

Geenens adds there is now a BrickerBot.4, another permanent denial-of-service attack which tried to hit devices almost 1,400 times, but it was over a 24-hour period. All four brickerbots are made up of Internet of Things devices that run on an outdated version of the Dropbear SSH server with IP addresses that are public but geographically dispersed. Geenens, from Radware, a security firm, suspects the brickerbots are IoT gadgets that are poorly secured that has been compromised and used to permanently take out devices that are similarly unsecured.

The IoTs that the brickerbots attack are cameras, VRs, and other IoT gadgets that run on BusyBox, a Linux tool package, and have a telnet-based interface that is publicly exposed since the owner did not change the factory default administrative password, Tech Crunch reports. It is the same devices attacked in 2016 by Mirai, an IoT botnet software which generated permanent-denial-of-service attacks on several occasions.

Gizmodo says the hacker who released the brickerbots uses the name Janitor. However, the most fared IoT malware is not BrickerBot.3 or BrickerBot.4 but is still Mirai. It is what crippled the internet of the U.S. in October after it made permanent denial-of-service attacks. It also brought Dyn, one of the largest domain name server companies in the world, to its knees.

Real Time Analytics