Botnet enslaved 18,000 Huawei routers, claims hacker


San Francisco, Jul 21 (IANS): A hacker claims to have created a botnet within 24 hours that has compromised 18,000 routers of Chinese telecom giant Huawei.

The cyberattacker, who goes by the pseudonym Anarchy, boasted of building the botnet by using an old vulnerability, ZDNet.com reported on Friday.

According to a report in Bleeping Computer, this new botnet was first spotted this week by security researchers from a cybersecurity company called NewSky Security.

Following the news, other security firms including Rapid7 and Qihoo 360 Netlab confirmed the existence of the new threat as they saw a huge recent uptick in Huawei device scanning.

The botnet author reached out to NewSky security researcher Ankit Anubhav who believes that Anarchy may actually be a well-known threat actor who previously identified as Wicked.

What surprised security researchers was that Anarchy built the gigantic botnet within a day using a vulnerability which had been used before -- CVE-2017-17215.

Botnets, which refer to a vast networks full of enslaved devices, can be used to perform distributed denial-of-service attack (DDoS attack), send malicious packets of data to a device and remotely execute code.

  

Top Stories


Leave a Comment

Title: Botnet enslaved 18,000 Huawei routers, claims hacker



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.