• Ar chevron_right

    UPnP flaw exposes millions of network devices to attacks over the Internet / ArsTechnica · Thursday, 11 June - 10:30

A cartoon demonstrates a household using multiple internet devices.

Enlarge (credit: US GAO / Flickr )

Millions of routers, printers, and other devices can be remotely commandeered by a new attack that exploits a security flaw in the Universal Plug and Play network protocol, a researcher said.

CallStranger, as the exploit has been named, is most useful for forcing large numbers of devices to participate in distributed denial of service—or DDoS—attacks that overwhelm third-party targets with junk traffic. CallStranger can also be used to exfiltrate data inside networks even when they’re protected by data loss prevention tools that are designed to prevent such attacks. The exploit also allows attackers to scan internal ports which would otherwise be invisible because they’re not exposed to the Internet.

Billions of routers and other so-called Internet-of-things devices are susceptible to CallStranger, Yunus Çadırcı, a Turkish researcher who discovered the vulnerability and the wrote the proof-of-concept attack code that exploits it, wrote over the weekend . For the exploit to actually work, however, a vulnerable device must have UPnP, as the protocol is known, exposed on the Internet. That constraint means only a fraction of vulnerable devices are actually exploitable.

Read 10 remaining paragraphs | Comments


V téhle divné době je aspoň čas na kreativitu… Máte doma plotter po dědečkovi? Použijte ho do uměleckýho projektu!

“Please Leave A Message” is a public message board that I installed in the large window of my workshop. People on the street can access it via Wi-Fi, with their smartphones, and write positive, encouraging notes [...]

  • Ho chevron_right

    Contact publication / Home-Assistant Twitter News · Tuesday, 5 May - 17:00

Adicionando mais umas fitas de LEDs DIY pra aumentar o FPS nos jogos haha — Adding some more LEDs strips to the office using @ESP8266, some wS2812b LEDs, @esphome firmware and my favorite home automation software - @home_assistant #esphome #homeassistant #iot
  • Ar chevron_right

    Meet dark_nexus, quite possibly the most potent IoT botnet ever / ArsTechnica · Thursday, 9 April - 11:52

Meet dark_nexus, quite possibly the most potent IoT botnet ever

Enlarge (credit: Aurich Lawson)

A newly discovered botnet that preys on home routers, video recorders, and other network-connected devices is one of the most advanced Internet-of-things platforms ever seen, researchers said on Wednesday. Its list of advanced features includes the ability to disguise malicious traffic as benign, maintain persistence, and infect devices that run on at least 12 different CPUs.

Researchers from antivirus provider Bitdefender described the so-called dark_nexus as a “new IoT botnet packing new features and capabilities that put to shame most IoT botnets and malware that we’ve seen.” In the three months that Bitdefender has tracked it, dark_nexus has undergone 30 version updates, as its developer has steadily added more features and capabilities.

Significantly more potent

The malware has infected at least 1,372 devices, which include video recorders, thermal cameras, and home and small office routers made by Dasan, Zhone, Dlink, and ASUS. Researchers expect more device models to be affected as dark_nexus development continues.

Read 11 remaining paragraphs | Comments