Unprecedented Gorilla Botnet Launches Hundreds of Thousands DDoS Attacks Worldwide
for Distributed Denial of Service (DDoS) attacks were dispatched to over 100 countries.
Inside Gorilla: A Glimpse of the New Botnet
Cybersecurity firm, NSFOCUS stated that the Gorilla botnet is particularly known for its use of IoT devices; specifically targeting routers, IP cameras, and DVRs, which it takes over and uses to launch debilitating DDoS attacks on targeted victims.
The botnet uses these devices to flood targeted networks with junk internet traffic resulting in victims’ services becoming overwhelmed and effectively knocked offline.
The three-layered botnet consists of a command and control server, backend database, and abductees’ IoT devices.
The latter executes the attack commands received from the command and control server.
This hierarchical architecture makes it more resilient and harder to dismantle as one layer can continue the attack even when others are disrupted.
The Infection Procedure
Gorilla primarily uses brute-force attack techniques, attempting many combinations of usernames and passwords on targeted IoT devices until successful access is gained on unprotected ones.
After accessing a device, it downloads and executes a malicious binary script to add the affected device into its botnet network, making it a part of its army for executing DDoS attacks.
Shocking Global Reach
Geographically, the top five targeted regions, according to NSFOCUS, were Thailand, India, Vietnam, Turkey, and South Korea.
However, traces of the botnet have been found globally, in Europe, the Americas, Africa, and Australia, indicating an expansive threat arena.
Practical Advice for Professionals
1.
Professionals must secure their organization’s IoT devices by regularly changing default usernames and complex passwords, thus preventing unauthorized access.
2.
Establishing strong network security measures and deploying intrusion detection and prevention systems can also help detect and mitigate these attacks.
3.
Vulnerability scanning and patch management are crucial.
Regular scanning would identify potential vulnerabilities, and regular patching would remediate them, thus preventing malicious botnet access.
Stay Vigilant
In this world where the threat of cyber-attacks continues to evolve, it’s crucial for us to stay vigilant and proactive in our defenses.
The rise of Gorilla, this high-impact DDoS botnet, underlines the importance of maintaining robust security measures.
Businesses must stay ahead of these threats to protect their vital systems and data.
Follow-Up Reading:
