Advantage IT Management Blog

Advantage IT Management has been serving the Mobile area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Risks of Unsecured IoT Devices were Made Clear by the RSOCKS Botnet

The Risks of Unsecured IoT Devices were Made Clear by the RSOCKS Botnet

If you have never heard of a botnet, they are scary entities indeed. Imagine countless connected devices from all over the world, all joined together by malicious actors who want to use these infected devices to launch massive attacks against businesses, organizations, and governments. One such attack was launched by a Russian botnet consisting of millions of Internet of Things devices. Thanks to the efforts of the United States Department of Justice and various law enforcement agencies throughout Germany, the United Kingdom, and the Netherlands, it has been brought to a halt.

What is the RSOCKS Botnet?

This botnet was the one responsible for hacking into countless computers and connected devices all over the world. This botnet acted as a proxy service. It was advertised as selling legitimate IP addresses through an Internet service provider, instead opting to sell the IP addresses assigned to devices that had been hacked by the botnet. In other words, hackers were using the service to conceal their true locations so that law enforcement could not act against them.

The attacks were generally carried out against authentication portals, and since they were using hacked IP addresses, pinning down the origin of these attacks was difficult. The Department of Justice reports: “It is believed that the users of this type of proxy service were conducting large-scale attacks against authentication services, also known as credential stuffing, and anonymizing themselves when accessing compromised social media accounts, or sending malicious email, such as phishing messages.”

So, What Happened to the Botnet?

The FBI has seized control of the RSOCKS botnet and its website, where users could purchase IP addresses. To give you an idea of what these services were going for, the prices ranged from $30 per day for 2,000 proxies to $200 per day for 9,000 proxies. If the user committed to a purchase, they could download the list of IP addresses and ports, which they could then use to route traffic through the cracked devices, thereby concealing their identity. At first, the botnet was made up of infected IoT devices, but computers and Android devices also fell victim to it as the botnet grew larger and larger.

Considering how hackers could quite easily take advantage of this service, you should be concerned with how to protect your business from these types of threats.

How Can You Protect Your Business from Botnets?

Botnets are a prime example of why you should understand and be aware of the security shortcomings associated with Internet of Things devices. IoT devices are typically chosen for these types of hacks because they are often unsecured or still use their default passwords, making them easy targets for hackers to compromise. If your organization uses IoT devices in any capacity, we recommend that you set up an alternative network specifically for them. Additionally, you should implement more strict security policies for them when possible.

We know it’s not always easy to protect your business, but it doesn’t take a genius to rely on experts for all of your security needs, either. You can focus on running your business while Advantage IT Management handles the heavy lifting. To learn more, reach out to us at 251-662-9770.

Making Up for the Shortcomings in a Hybrid Work St...
Streaming is a Major Part of Modern Life—Here’s Ho...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, August 12 2022

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

kanwal liaquat Most Noteworthy Data Breaches in 2019
24 August 2021
I agree with you data security is like a joke. Your data is never saved once you step on the interne...
RyanMcCawley Is it Wrong to Purchase Access to Your Own Data?
11 November 2020
As we know there are so many colleges and universities. From http://www.carwrapsanantonio.net/ stude...
WilliamMMartin What You Need to Know to Manage a Remote Workforce
29 April 2020
Managing a remote workforce is tough, but now a day it is the requirement and we all need to take ca...
Malcolm Quinn Gmail and the G Suite Get Overhauled with A.I.
13 April 2020
Some of the sites on the link can be overhauled and users can get different advantages. On the other...
Avye Goodwin ALERT: Change Your Twitter Password, Says Twitter
25 March 2020
When you create your Twitter account you have to make your password secure and healthy so that you c...