Hackers took control of 18,000 Huawei router devices in just one day

Researcher from NewSky Security recently discovered a hacker nicknamed Anarchy, only 24 hours to build a botnet from 18,000 Huawei router devices.

1. What is a botnet, who does it use to attack, and how can you prevent botnet?

Immediately, other security vendors Rapid7 and Qihoo 360 Netlab quickly joined in and found that scanning of Huawei devices suddenly spiked.

Hackers took control of 18,000 Huawei router devices in just one day Picture 1

The reason for this increase is that hackers conduct scans to search for vulnerable routers before the critical security vulnerability CVE-2017-17215, which can be exploited through port 37215. Hackers start perform this scan on July 18.

With this method, hackers can send malicious packets, launch attacks on Huawei routers and execute code remotely. The attacker can then control and add these devices to the botnet.

The purpose of the hacker is to create "the worst botnet in the city". This botnet may be used in targeted attacks or may be leased to bad guys to accomplish the attack.

Not only that, Anarchy also said he also intends to start scanning Realtek router router CVE-2014-8361, to control more devices.

See more:

1. Warning: Bkav detected more than 700,000 computers in Vietnam infected with virtual money digging virus that slowed down the computer
2. Half a million computers in Vietnam suffer from dangerous spyware
3. Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer