A team of Check Point researchers discovered a botnet, dubbed "IoTroop," which has infected an estimated one million organizations across the globe, according to a report the San Carlos, Calif.-based cybersecurity company released Oct. 19.
Botnets are networks of internet-connected devices infected by the same malware, which cyberattackers are able to collectively control from a remote location. One of the most notorious examples is the Mirai botnet of 2016. Mirai deployed a distributed denial-of-service attack on a number of servers and compromised roughly 100,000 internet of things devices.
The Check Point researchers began investigating the IoTroop botnet in late September, after detecting an increase in attempts to exploit vulnerabilities in various IoT devices. They determined the flurry of activity represented the "recruitment stages" of an IoT botnet, in which infected devices were subsequently spreading malware to similar devices. It is unclear when the botnet was first released.
The researchers warned IoTroop is "evolving and recruiting IoT devices at a far greater pace and with more potential damage than the Mirai botnet," creating a massive network of controlled devices.
"It is too early to guess the intentions of the threat actors behind it, but with previous Botnet DDoS attacks essentially taking down the Internet, it is vital that organizations make proper preparations and defense mechanisms are put in place before an attack strikes," the researchers wrote.
To access the full report, click here.