Competition is so fierce, says the company, that criminals are known to uninstall any malware they find on targeted routers, booting off their rivals so they can claim complete control over the device. For the home user a compromised router is likely to suffer performance issues, and if attacks are subsequently launched from that device, their IP address may also be blacklisted – possibly implicating them in criminal activity and potentially cutting them off from key parts of the internet, and even corporate networks.
As explained in the report, which highlights three botnet malware families - Mirai, Kaiten, and Qbot - there's a thriving black market in botnet malware and botnets-for-hire. Although any IoT device could be compromised and leveraged in a botnet, routers are of particular interest because they are easily accessible and directly connected to the internet.
To combat this, says the company, home users should heed the following recommendations:
- Make sure a strong password is used and that it is changed from time to time.
- Make sure the router is running the latest firmware.
- Check logs to find behavior that doesn't make sense for the network.
- Only allow logins to the router from the local network.
For more, see the report: " Worm War: The Botnet Battle for IoT Territory ."
Botnet encyclopedia launched to fight cybercrime
Cybersecurity expert shares top predictions for 2020
New IoT botnet 'puts others to shame'
IoT devices becoming 'cyberweapon of choice' for attackers