Experts from Rubicon Labs and SiO4 commented below on a newly discovered variant of Mirai botnet malware forces infected devices to act as proxy servers capable of protecting the anonymity of cybercriminals engaging in illegal activities.
Rod Schultz, Chief Product Officer at Rubicon Labs:
“There is a huge financial incentive for attackers to mutate what initially appears to be a relatively harmless pice of malware (Mirai in this case) into something much more malicious.
The building blocks and knowledge needed to transform malware into the equivalent of the digital Spanish Flu exist today, and until connected devices can be updated and patched with resistant code it will be impossible to prevent these attacks.
Software updates and secure digital identities are the foundation for the heard immunity that the IoT desperately needs. The problem is that devices are being rapidly connected to the network today, with the assumption that IoT security and device control will be taken care of tomorrow.”
Andrew Speakmaster, Founder and Chief Technology Officer at SiO4:
“This is just another evolution in cybercrime that leverages newer technologies and turns the device into the victim. In every instance, new technologies
regard security is an afterthought, and the race to make them secured can be slow from IoT vendors.
The majority of cyber criminals today are not looking to cause chaos and havoc (unless their goal is hacktivism or a nation state attack) as they have in the past – it’s all about monetization, and they are creating ingenious ways to make this happen. Enabling devices to deliver malicious activity in mass is not new, but this variant creates another ecosystem in addition to using existing methods which adds a widespread layer of attack vectors from commercial and consumer devices.”