Script Kiddie Nightmare: IoT Attack Code Embedded with Backdoor by Ankit Anubhav

Introduction The IoT threat landscape is proving to be the fastest to evolve, with attacks shifting from basic password guessing, to using a variety of exploits as seen recently in the IoTroop/Reaper botnet. Enter the script kiddie — amateurish hackers that copy/paste code for quick results. With the numerous disclosures of proof-of-concept IoT exploit code, many script kiddies jump on the exploit bandwagon by using weaponized attack scripts that are shared in various shady forums. The market is particularly hot for IoT devices using a vulnerable version of an embedded GoAhead server. This arises due to the fact that there are a large number of IP camera vendors that can be hacked using exploits like CVE-2017–8225, and it is already employed successfully by the IoTroop/Reaper botnet. Along similar lines, we observed the distribution of a weaponized script on a hacking forum which promises script kiddies to gather a list of GoAheaddevices; the....