🛡 Matrix attacks or a new IoT botnet (unexpectedly) 🫢 The other day, Aqua experts issue…

🛡 Matrix attacks or new IoT botnet ( how unexpected )

🫢 Recently, Aqua company experts made warning about the activities of an attacker or group under the nickname Matrix , which uses a botnet of IoT devices to launch large-scale DDoS attacks. Hacking of IP cameras, routers, DVRs and even servers of cloud providers such as AWS, Azure and Google Cloud is used.

✅ Currently, we know that Matrix actively exploits known vulnerabilities and uses brute force passwords on IoT devices. Main targets of attacks - China, Japan, Argentina, Australia, USA and a number of other countries. Among the consequences is the deployment of malware on devices ( Mirai, PYbot ) for further DDoS attacks

☑ The attacker may be a lone attacker, judging by the handwriting and a number of artifacts, including a newly created Matrix account on GitHub. Interestingly, the botnet is advertised through Telegram 📱 as a service for subscription attacks, with payment in cryptocurrency

◼️ To be honest, I have mixed feelings here. On the one hand, Matrix, it seems to me, does not have outstanding technical skills, but simply competently uses already available tools. On the other hand, this is what scares us the most. This situation shows that even basic knowledge and open resources on GitHub 📱 allow for a serious attack

🔠 As a security professional, I am especially concerned about the vulnerabilities of IoT devices. We have smart devices at home or in our pockets that could be part of a botnet ( and most likely you won't know about it ). Once again, I would like to draw your attention to the importance of security for Internet of Things devices. Remember that it is important to change passwords, update software and always keep in mind that you can be hacked

#information_security
#internet_things