Wednesday, March 20, 2013

420 thousand devices have become part of a botnet Carna

The hacker has created a botnet to demonstrate card devices that use the IPv4

Unknown hacker has created a botnet to demonstrate map computers around the world that use the protocol IPv4. He found that the network has a lot of unprotected IPv4-devices. In order to get control of them was enough to enter the default credentials «root: root» or «admin: admin».

"I really had the chance to work across the Internet, to manage hundreds of thousands of devices with a single mouse click, scan and create a map of the Internet. Before me, this has never been done, "- said the hacker.

In order to implement his plan hackers create two executable files to 46KB and 60KB (depending on the processor architecture) for the C programming language, and download it to the device without the user's knowledge. An attacker could gain control of 420 thousand units, which created a botnet Carna.

Due to a hacker could easily monitor devices IPv4. He recorded every IP-address, which was responsible for at least one of the 52 billion sent them pings from June to October 2012. A total of 420 million pings responded IP-adresov/ustroystv.

It should be noted that such a record number of boats indicates a low level of security of computers connected to the Internet.

The hacker claims that he does not harm the bots, and he created the file is removed from the device after reboot. Moreover, the code is also included README-file, which specifies the objectives of the project by unknown hackers and e-mail address where people can send their questions. This address has received only two messages from administrators traps honeypot, which became part of botnets Carna.

A detailed description of the botnet Carna is available here.

No comments:

Post a Comment