A family of malware targeting Internet of Things (IoT) devices to create distributed denial of service (DDoS) botnets has been detected by Level 3 Threat Research Labs working with Flashpoint.The malware has a number of names – Lizkebab, Bashlite, Torlus, gafgyt – and its impact is far-ranging, according to the report.The source code, first leaked in early 2015, is written in C, making it suitable for IoT devices based in Linux. Bad actors have already seeded more than a dozen iterations and a million devices have been enlisted in the bots, particularly active in Taiwan, Brazil and Colombia.Most of the devices use components from Dahua Technology, a China-based manufacturer of surveillance equipment and software. Dahua was notified and is developing a patch."The security of IoT devices poses a significant threat," the researchers concluded. "Vendors of these devices must work to improve their security to combat this growing threat."
Threat Management, Incident Response, Malware, Network Security, TDR, Vulnerability Management
Millions of IoT devices enlisted into DDoS bots with Bashlite malware
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



