Hackers Could Take Down the Internet With Million-Device Botnet Worse Than Mirai

Hackers have compromised the security of more than a million internet-connected devices and transformed them into a massive botnet that could take down the internet, researchers have warned.

Security researchers at the cybersecurity firm Check Point published details of the new botnet, warning that it continues to recruit devices at a “far greater pace” than the dangerous Mirai botnet that was used in devastating cyberattacks last year.

“So far we estimate over a million organizations have already been affected worldwide, including the U.S., Australia and everywhere in between, and the number is only increasing,” a blogpost on Check Point’s website states.

Keep up with this story and more by subscribing now

“Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come.”

Botnets make use of security vulnerabilities in web-connected devices such as smart fridges, thermostats and webcams in order to perform distributed denial of service (DDoS) attacks (overloading targets with web traffic) against companies, organisations or critical infrastructure.

Graphic shows the security risks the Internet of Things faces, and how hackers can launch a DDoS attack. Reuters Graphics

In 2016, the Mirai botnet was used in attacks on Russian banks, as well as against dozens of major websites, such as Netflix, Reddit and Twitter. The botnet was also blamed for knocking the entire country of Liberia offline in November.

The latest campaign shares similar technical aspects to Mirai but is far more dangerous as it is able to “evolve” in order to exploit vulnerabilities in devices connected to the so-called 'Internet of Things' and then using the devices to spread the malware to other devices.

“This is an entirely new and more sophisticated campaign that is rapidly spreading worldwide,” a spokesperson for Check Point tells Newsweek .

“It was found that numerous devices were both being targeted and later sending out the infection. These attacks were coming from many different types of devices and many different countries.”

An illustration of how the botnet spreads from device to device. Check Point

Research from the security firm BullGuard published last year estimated that up to 185 million devices may be vulnerable to hackers seeking to incorporate them into a botnet. The issue is worsened by many manufacturers treat cybersecurity as an afterthought when producing smart devices.

In the wake of last year’s Mirai attacks, cybersecurity pioneer John McAfee warned it could be a precursor to a “cyber atomic bomb” in the near future.

“Clearly there are weaknesses,” McAfee told Newsweek . “Anticipate that these will be exploited in a big way.”

Check Point says it is vital that organizations make proper preparations and implement defense mechanisms in order to prevent attacks on their devices.