Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
(www.trendmicro.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 18 Nov 18:22
https://sh.itjust.works/post/28284188
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 18 Nov 18:22
https://sh.itjust.works/post/28284188
-
Water Barghest, which comprised over 20,000 IoT devices by October 2024, monetizes IoT devices by exploiting vulnerabilities and quickly enlisting them for sale on a residential proxy marketplace.
-
Its botnet uses automated scripts to find and compromise vulnerable IoT devices sourced from public internet scan databases like Shodan.
-
Once IoT devices are compromised, the Ngioweb malware is deployed, which runs in memory and connects to command-and-control servers to register the compromised device as a proxy.
-
The monetization process, from initial infection to the availability of the device as a proxy on a residential proxy marketplace, can take as little as 10 minutes, indicating a highly efficient and automated operation.
threaded - newest