Maharashtra Government issues advisory on 'Reaper' botnet

The Maharashtra Government on Friday issued a security advisory regarding the recent outbreak of 'Reaper' botnet across the globe.

"It is imperative for everyone to be aware about this wide-spreading botnet, which is the primary reason why this advisory has been issued," a notification issued by the government said.

It also enlisted a number of preventive measures such as updating the security updates; choosing strong passwords for personal devices; safeguard network using various methods, including penetration testing, proactive network management; deleting malware by a factory reset in case of suspected abnormal activity and use of secure protocols (VPN and SSH) by organisations to prevent brute force attacks, among others.

'Reaper' is a botnet that uses advanced brute forcing and hacking techniques to break into the internet of things (IoT) devices, such as wireless IP cameras and routers that are not properly secured, including weak and/or default password protection.

Hackers are using a pre-set list of modules as well as programmes that search for vulnerabilities of IoT devices to infect internet-connected devices, such as PCs, servers, and mobile devices, intending to create email spams and Disturbed Denial of Service (DDoS) attacks.

For a botnet to work, hackers look for vulnerable devices across the internet to infect as many connected devices as possible.

A malware infected device (bot) is made part of a network (net) of infected devices, which is then controlled by an individual or group of attackers.

According to researchers, 'Reaper' has ensnared almost two million Internet-connected webcams, security cameras, and digital video recorders (DVRs) in a month. It is reportedly on track to become one of the largest botnets in the world.

Last year, another botnet named 'Mirai' broke targeted devices by guessing their 'admin passwords'. However, 'Reaper' is using an advanced version of the Mirai's code to exploit known security vulnerabilities and then look for other devices for further spreading the infection.

Thus, Reaper is recruiting IoT devices and spreading continuously and has possibilities of a potential DDoS attack like its predecessor, Mirai.