
How hackers turned devices 'cleaned' by FBI into weapons
What's the story
The Federal Bureau of Investigation (FBI) recently released around 95,000 computers and internet-enabled devices that were previously infected with malware. However, many of these "cleaned" devices have now been compromised by hackers in a major security breach. This incident highlights the growing threat of botnets, networks of compromised computers and connected devices like smart TVs and routers that are hijacked for malicious purposes without their owners' consent.
Threat
'Feeding frenzy' among hackers
Cybercriminals typically use botnets to send spam or carry out other malicious activity such as ransomware or distributed denial-of-service (DDoS) attacks. The recent incident has sparked a "feeding frenzy," with hackers racing to take over these cleaned devices as quickly as possible, according to Damian Menscher, a security engineer at Google. One such botnet group, Aisuru, has already hijacked more than 25% of the machines released by the FBI and is now using them for unprecedented DDoS attacks.
Cyber assault
Record-breaking DDoS attack
On September 1, Aisuru launched a DDoS attack that generated a staggering 11.5 trillion bits per second of junk traffic, the highest ever recorded. The intensity of this attack was so high that it could have easily overwhelmed the download speeds of over 50,000 home internet connections in one go. Unlike traditional botnets that rely on personal computers, Aisuru utilizes neglected internet-connected devices such as routers and smart TVs for its operations.
Unintended consequence
Exploiting security measures
When the FBI cleaned the infected machines of old malware, it unwittingly gave Aisuru an opportunity to take over. This incident highlights how easily cybercriminals can exploit security measures meant to protect users. Earlier this year, Google dismantled a botnet that had grown from 74,000 Android TV devices to more than 10 million in two years, making it the largest known smart TV botnet.
Cyber warfare
Botnets as a weapon of cyber warfare
The threat from botnets has evolved from just targeting websites to threatening entire national internet infrastructures. Craig Labovitz, head of technology at Nokia's Deepfield division, said that the focus has shifted from website vulnerabilities to country vulnerabilities. The UK has even accused Russia's GRU of using DDoS attacks against Ukrainian banks in 2022, just before Russia's military invasion, a clear indication of how botnets can be weaponized for cyber warfare.