Kimwolf Botnet Swamps Anonymity Network I2P

11 days ago (krebsonsecurity.com)

> The Kimwolf botmaster openly discusses what they are doing with the botnet in a Discord channel with my name on it.

Wild times we are living in

>700,000 Kimwolf-infected bots

Shouldn't this be fantastic news? A list of 700K IPs with infected devices ready for distribution to affected ISPs who can turn off internet until users fix their crap.

  • The ISPs simply don't care, I think. I have several million unique botnet IPs hitting my server, and I'm not sure how I could let the ISPs or users know they're infected - I contacted those that originated from my country, but 3 out of 4 of them ignored my mail to the abuse contact. I imagine the situation is several magnitudes worse for people with more prominent domains.

    • We need regulation requiring ISPs to care. In the US they will severely reduce your speeds (if not outright cancel your account) over repeated DMCA complaints so why can't they do the same for reported botnet activity?

      I guess logistically they'd need a way to assess if the problem had been resolved though. It would be pretty challenging to validate reports and then follow up on them in an automated manner. There's not going to be much budget for this after all. Still you'd think it could be done for the largest (and thus well understood) botnets.

If the malicious nodes are properly participating in the network, shouldn't it be a net positive for I2P?

I don't expect them to be traffic-heavy, if it's just the control plane.

The article is vague, but another downside to the proliferation of "smart" home appliances?

  • That is disingenuous.

    It is a downside to the proliferation of poorly secured devices. Your nebulous statement could be applied to anything.

    • Absolutely, but empirical evidence shows that IoT devices are by and large vulnerable way more often than other types of devices on most networks, because modern smartphones are pretty well secured and many users that are less tech-savvy are abandoning their bloatware-ridden Windows notebooks for Android-based or iOS-based tablets.

      In my opinion, this shows a lack of accountability in the industry as a whole over security issues on devices. Ultimately, this won't change unless tight legislation is passed to punish or prevent insecure IoT devices (however you would like to measure that) or unless companies actually start to become accountable for releasing insecure software and hardware, losing out on future sales, which requires a cultural shift in how most people think about appliances and computing as a whole.