A botnet was detected that was made of home and small-business routers – cybercriminals used it to launch DDoS attacks.

Infecting home routers is not a new technique, it is often used by cybercriminals. Ensuring the security of home communications equipment has so far remained the responsibility of its manufacturer. As practice shows, a considerable number of vulnerabilities and configuration shortcomings exist, allowing cybercriminals to seize control over routers. In this incident, the bad guys used the victim routers to launch DDoS attacks.
For cybercriminals, the option of creating botnets made of routers looks quite attractive. For these devices, it is simple to implement automated tools with which to exploit vulnerabilities; this makes the cybercriminals’ task substantially easier. In addition, very few users turn their routers off, so devices that are always on help build larger bots with members that are online pretty much all of the time.

Geography of attacks

The geography of attacked targets has somewhat expanded as compared to Q1: attacked targets were located in 79 countries around the world (against 76 countries in Q1 2015). 71.9% of attacked resources were located in 10 countries.



Source: securelist dot com