Bitdefender has just discovered a powerful new botnet called Dark Nexus . Affects IoT devices. Keep in mind that it is a botnet with characteristics and capabilities far superior to others that we have seen and that it also affects devices that are known as the Internet of Things. A problem that, as we see, can seriously affect the privacy and security of users.
Dark Nexus, the new botnet discovered by Bitdefender
Keep in mind that Bitdefender is one of the best known computer security companies worldwide. This time they have discovered a new botnet called Dark Nexus that directly attacks IoT devices. According to the researchers who have worked on this discovery, it uses shared code with other botnets such as Qbot and Mirai. However much of its main modules are original.
They indicate that Dark Nexus only spreads through brute force attacks directed at the Telnet protocol. This is how they can get a large number of infractions with a low cost. To do this, they use a dictionary that has the most popular and used credentials, such as root / 1234, default / default, admin / 1234 …
Using these generic credentials is the way you have to break security . Once again we see the great importance of always changing the data that comes from the factory. Simply with that we could already protect ourselves from attacks like this, since precisely its only weapon is to prove typical credentials.
Bitdefender has also indicated that the Dark Nexus has the ability to recruit IoT devices in any country to carry out DDoS attacks against different infrastructures. Of course, it seems that at the moment they are focusing on Asian countries mainly.
It is marketed from 20 euros
Regarding its authorship, Bitdefender researchers believe that Greek Helios may be behind it. He is a botnet author who markets with DDoS attacks of this type. They also indicate that they have found evidence on YouTube where they have seen that the botnet is marketed from 20 euros a month for 40 minutes and for 90 euros unlimited access.
We already know that botnets can limit access to certain platforms. Some such as the Mirai case have been able to block access to important Internet services that are used by millions of people, such as Twitter, Netflix or Spotify.
In short, a group of Bitdefender security researchers has found a new botnet called Dark Nexus . Directly attacks IoT devices. The good news is that it is very easy to counter, as it is based solely on brute force attacks that take advantage of factory credentials that have not been changed by users. So our main advice is always to change the credentials and passwords that come from the factory when we are going to use any device of what is known as the Internet of Things.
We leave you an article with some tips about security on IoT devices .