What is it and when was it found?
The Reaper botnet is a network of Internet of Things (IoT) devices – mainly web-connected cameras and routers – hijacked using unpatched vulnerabilities. It borrowed codes from the Miraibotnet, used in 2016 to take chunks of the internet offline in the US.
Both cybersecurity companies found the botnet independently of each other in September this year.
How many devices are infected?
It is estimated that millions of IoT products have already been affected by Reaper, with infections spotted across the globe. Netlab360 said that one queue of devices waiting to be infected included more than two million targets.
Which companies have been affected?
Research suggested that at least nine bugs were being exploited to target devices produced by DLink, GoAhead, JAWS, Netgear, Vacron, Linksys and AVTECH. It appeared the author of the botnet was still tinkering with its code, so more infected companies may soon emerge.
Who is the culprit behind the botnet swarm?
The culprit behind the operation remains a mystery. "It is too early to assess the intentions of the threat actors behind it," Check Point researchers said in their report.
What type of attacks could be launched?
While none have been reported so far, the IoTbotnet, like Mirai, could be used to launch distributed denial of service (DDoS) cyberattacks. Typically, such attacks use the collective power of hijacked devices to send waves of traffic towards a website in order to take it offline.
Is this really such a big deal?
According to Check Point, the botnet could result in a "cyber-hurricane" that could take down the internet and warned that "we are now experiencing the calm before an even more powerful storm".
Netlab360 was more nuanced, but said that the discovery "deserves our vigilance".
How can people stay safe from attacks?
"A simple password upgrade is not sufficient to protect against the botnet, but is still highly recommended on all devices connected to the internet," explained Tristan Liverpool, director of systems engineering at cybersecurity company F5 Networks.
"To stop the propagation of this botnet, all companies and consumers should ensure all their devices are running the latest firmware versions, which will have security patches included."
What happens next?
Now we let the experts do their jobs – vendors will push out fixes for any unresolved issues and researchers will continue to analyse the botnet's reach. It appears to be growing. "This is an entirely new campaign rapidly spreading throughout the globe," Check Point's team warned.
Research: Netlab360 research, Check Point research
Those behind IoT Reaper remain unknowniStockMore from IBTimes UK
- Need some extra cash? Watch out for this online sales scam targeting UK jobseekers
- Did Russia influence Brexit? UK MPs seek answers from Facebook over ad purchases
- Kaspersky Lab fights to restore trust with antivirus review – but is it enough?
This new botnet could take down the internet - and it's rapidly spreading across the world.