Comment by sieep

6 days ago

Very fascinating. I saw multiple people predict that these DDoS attacks were just advertisement for the Aisuru services.

How can regular users of Android, smart TVs, etc. identify these IoT devices that have been compromised?

I guess the increased bandwidth should at least show up on the ISP bill since that's the only place anyone would notice.

But we're pretty far from having a system that isn't perfect for botnets and malicious proxies hiding on your network.

Kinda crazy how my ISP doesn't even show me my usage on the bill. But then again every time I call them for something, they try to convince me I need something more than the minimum plan, and their BS depends on me not knowing which tier I need.

  • > I guess the increased bandwidth should at least show up on the ISP bill since that's the only place anyone would notice.

    Not sure about other places, but where I live ISPs don't have bandwidth limits over which they make you pay extra. In extreme cases they might suspend service if your usage is deemed abusive though, but I never heard of this happening to people I know IRL.

    • Sure. And that's yet another enabler of the status quo where malicious actors have infinite resources: every compromised computer or internet of shit product has unmetered high quality residential bandwidth.

realistically? not much a regular joe can do.

advanced users can segregate all their iot crap into a separate network, which allows keeping an eye on what goes on in there. but you need to know what your normal safe baseline looks like to be able to identify something weird happening.

of course there are a lot of fancy tools built around this topic too, stuff like zeek and suricata almost certainly could be used to identify possible compromises. especially in a separate iot network, which should have otherwise fairly regular traffic patterns. but realistically, idk if anyone has been very successful in implementing such detection.
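
Added example, not part of the thread or any commenter's code: a sketch of the baseline comparison described in the last comment, run over Zeek `conn.log` text in TSV form from a segregated IoT network. The function names, the `upload_factor` threshold, the reduced field set and the sample log lines are assumptions constructed for illustration.

```python
from collections import defaultdict

def parse_conn_log(text):
    """Yield one dict per connection from Zeek TSV conn.log text, using its #fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split("\t")))

def summarize(records):
    """Per source device: set of (dest IP, dest port) contacted and total bytes sent."""
    dests, sent = defaultdict(set), defaultdict(int)
    for r in records:
        src = r["id.orig_h"]
        dests[src].add((r["id.resp_h"], r["id.resp_p"]))
        if r["orig_bytes"] != "-":          # Zeek writes "-" for unset fields
            sent[src] += int(r["orig_bytes"])
    return dests, sent

def find_deviations(baseline_text, current_text, upload_factor=5):
    """Compare a current capture window against a known-good window of equal length."""
    base_dests, base_sent = summarize(parse_conn_log(baseline_text))
    cur_dests, cur_sent = summarize(parse_conn_log(current_text))
    alerts = []
    for dev in sorted(cur_dests):
        if dev not in base_dests:           # device never seen in the baseline
            alerts.append((dev, "unknown-device", None))
            continue
        for dest in sorted(cur_dests[dev] - base_dests[dev]):
            alerts.append((dev, "new-destination", dest))
        if cur_sent[dev] > upload_factor * max(base_sent[dev], 1):
            alerts.append((dev, "upload-spike", cur_sent[dev]))
    return alerts

# Constructed sample logs (documentation-range addresses, reduced field set), not real captures.
HEADER = "#fields\tts\tid.orig_h\tid.resp_h\tid.resp_p\tproto\torig_bytes\n"
BASELINE = HEADER + (
    "1700000000.0\t192.168.50.10\t203.0.113.5\t443\ttcp\t1200\n"
    "1700000100.0\t192.168.50.11\t203.0.113.9\t123\tudp\t48\n")
CURRENT = HEADER + (
    "1700086400.0\t192.168.50.10\t203.0.113.5\t443\ttcp\t1500\n"
    "1700086500.0\t192.168.50.10\t198.51.100.77\t8080\ttcp\t9000000\n"
    "1700086600.0\t192.168.50.11\t203.0.113.9\t123\tudp\t-\n")

if __name__ == "__main__":
    for alert in find_deviations(BASELINE, CURRENT):
        print(alert)
```

Devices that talk to CDNs or rotating cloud addresses will raise new-destination alerts on their own, so the baseline window needs to be long enough to cover a device's normal variation.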