The number of attacks on IoT devices continues to increase, say Kaspersky researchers in their latest overview of this type of attack. In addition, the supply of IoT malware services on the dark web is expanding significantly.
The number of IoT devices continues to grow worldwide. By 2030, the number of these devices is estimated to exceed 29 billion according to Kaspersky researchers. Of course, this also means that attacks on these Internet-connected devices are gaining in share.
Brute force attacks and exploits
In their research, the specialists identify two types of common attacks on IoT devices, brute force attacks and attacks on vulnerabilities in services that use IoT devices.
Brute force attacks often focus specifically on attacks on the Telnet protocol. With these, hackers attempt to gain unauthorized access by cracking passwords. They can then execute arbitrary commands and malware.
Vulnerabilities in services that use IoT devices are also a common way to attack IoT devices. This involves executing malicious commands by exploiting vulnerabilities in IoT Web interfaces. Ultimately, these attacks can cause IoT devices to become part of botnets.
In addition, the researchers noted that more and more IoT malware is appearing. These malware today consist mainly of DDoS botnets, ransomware, miners, proxy bots and changing DNS settings. In addition, much of the malware found is often a variant of the Mirai malware, a botnet that exploits vulnerabilities in IoT devices.
Lots of activity on the darkweb
Furthermore, the experts noted that more and more IoT malware and resulting attacks, are available via the darkweb. DDoS attacks via IoT botnets are particularly in demand. In the first half of 2023, analysts from Kaspersky’s Digital Footprint Intelligence service identified more than 700 ads for DDoS attack services on various darkweb forums. Furthermore, the darkweb offers exploits for zeroday vulnerabilities in IoT devices as well as IoT malware bundled with infrastructure and support utilities.