Latest Threat: Reaper

Last year Mirai malware hit 500,000 IoT devices and launched DDoS attacks. Now, a new malware has been identified by researchers at CheckPoint that is surpassing Mirai by hitting millions of IoT devices worldwide.

On October 19, 2017, Checkpoint, announced that they’ve been tracking a “massive” IoT botnet “forming to create a cyber-storm that could take down the Internet.” Checkpoint stated that this malware has already infected ~one million organizations, and is impacting IoT devices at a much faster pace than Mirai.

This graphic from CheckPoint charts a steep, recent rise in the number of Internet addresses trying to spread the new IoT malware variant, which CheckPoint calls “IoTroop.”

On October 20, 2017, Netlab 360 confirmed the existence of the new strain, and named it ‘Reaper.’ Netlab 360 also stated that the malware is  spreading much more quickly and deliberately than Mirai.

Unlike Mirai, which wriggles into vulnerable IoT devices using factory-default or hard-coded usernames and passwords, this newest malware leverages known security vulnerabilities across nearly a dozen different device makers. The malware is attacking a majority of devices manufactured by Linksys, D-Link, TP-Link, Netgear, Synology, Avtech, MikroTik and GoAhead. Some of these manufacturers have released patches to fix the vulnerabilities in their devices.

Reaper isn’t attacking anyone yet, but it is out there…waiting.

Now more than ever, it’s important to work with companies who ensure cyber security.

Read More Cyber Security Blog Posts