SECURITY OUTFIT Check Point has caught wind of a new IoT botnet that's "more sophisticated than Mirai" and has already affected at least one million organisations worldwide.
Check Point first unearthed the botnet, codenamed 'IoT_reaper', at the beginning of September and claims that, since, it's already enslaved millions of IoT devices including routers and IP cameras from firms including GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys and Synology.
The latest campaign shares similar technical aspects to Mirai but is said to be more dangerous as it is able to "evolve" in order to exploit vulnerabilities in devices connected to the internet, which it then uses to spread the malware to other devices.
The security firm warns that the botnet is "rapidly spreading worldwide" and could soon be weaponised the launch cyber attacks in the same fashion of Mirai last year.
Check Point said: "While some technical aspects lead us to suspect a possible connection to Mirai, this is an entirely new and far more sophisticated campaign that is rapidly spreading worldwide."
"It is too early to guess the intentions of the threat actors behind it, but with previous botnet DDoS attacks essentially taking down the internet, it is vital that organisations make proper preparations," the team noted.
Check Point says that, so far, it estimates that "over a million organisations have already been affected worldwide, including the US, Australia and everywhere in between.
It expects this number to keep growing, noting that "our research suggests that we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come."
"It is vital to have the proper preparations and defence mechanisms in place before an attack strikes," Check Point warns.
This isn't the first Mirai-like threat that's been uncovered. Earlier this year, a new threat called 'BrickerBot' was revealed, which - as its name suggests - threatened to permanently brick IoT devices, rather than harnessing them to a distributed denial of service (DDoS) network. µ
Firm wants to offer plenty of performance for lower prices
Second privacy misfire in as many months
Last-gen Titan cards reduced to graphical gnats
For those who want to read INQ with a plastic box strapped to their face