Ethical Hacking News
The latest addition to the world of cybersecurity threats is the Eleven11bot botnet, a growing concern with over 86,000 infected IoT devices. As this malware continues to expand its reach, it's crucial for individuals and organizations to take proactive measures to protect themselves from these cyber threats.
The Eleventhnbot botnet has infected over 86,000 Internet of Things (IoT) devices worldwide.The compromised devices were primarily security cameras and network video recorders (NVRs).The botnet was discovered by researchers at Nokia Deepfield Emergency Response Team (ERT) in early February 2025.The growth of the botnet is unprecedented among non-state actor botnets.61% of the IP addresses associated with the malware originated from Iran, which could be linked to recent U.S. sanctions.The malware exploited weak IoT passwords and targeted VStarcam devices with hardcoded credentials.The discovery highlights the dangers of inadequate cybersecurity measures.Rapid implementation of robust security measures is necessary to protect vulnerable IoT devices.
The world of cybersecurity has just witnessed a significant development that should send waves of concern throughout the globe. The Eleventhnbot botnet, a highly sophisticated piece of malware, has managed to infect over 86,000 Internet of Things (IoT) devices worldwide. These compromised devices are primarily security cameras and network video recorders (NVRs), which have been utilized by hackers to launch Distributed Denial-of-Service (DDoS) attacks on various sectors. This unprecedented level of botnet growth is a stark reminder of the ever-evolving nature of cyber threats.
Researchers at Nokia Deepfield Emergency Response Team (ERT) identified the Eleven11bot botnet and confirmed its existence in early February 2025. The team discovered that this particular type of malware had already infected over 30,000 devices before it gained widespread attention. As more information became available, it became apparent that the growth of this botnet was unprecedented among non-state actor botnets.
GreyNoise researchers who monitored the Eleven11bot botnet noted that 96% of the IP addresses associated with the malware were genuine. However, an alarming 61% (636 of 1,042) originated from Iran. This sudden spike in malicious activity from a single country could be linked to recent U.S. sanctions on Iran. The rapid increase in attack intensity varied greatly, ranging from a few hundred thousand packets per second to several hundred million packets per second.
GreyNoise further revealed that the Eleven11bot botnet was expanding its reach through brute-force attacks, exploiting weak IoT passwords, and targeting VStarcam devices with hardcoded credentials. The malware also scans for exposed Telnet and SSH ports on vulnerable hardware, making it a formidable foe in the world of cybersecurity.
Shadowserver Foundation researchers are also closely monitoring the Eleven11bot botnet, reporting that they spotted approximately 86,400 devices infected by this malicious software. The majority of these infected devices belonged to residents of the United States (24,700) and the United Kingdom (10,800).
The discovery of the Eleven11bot botnet is a stark reminder of the dangers of inadequate cybersecurity measures. IoT devices are increasingly becoming an integral part of our daily lives, providing us with entertainment, convenience, and connectivity. However, these same devices also offer numerous entry points for cyber attackers, making them highly susceptible to exploitation.
As the world grapples with the challenges posed by this growing threat, it is essential that individuals, organizations, and governments take a proactive approach to cybersecurity. Implementing robust security measures such as regular software updates, strong passwords, and firewalls can go a long way in protecting these vulnerable devices from falling prey to malicious attacks.
In conclusion, the Eleven11bot botnet serves as a cautionary tale of the ever-evolving nature of cyber threats. Its rapid growth highlights the need for vigilance and proactive measures in cybersecurity, ensuring that we are better equipped to face such challenges in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Eleven11bot-Botnet-Infection-A-Growing-Threat-to-Global-Internet-Security-ehn.shtml
https://securityaffairs.com/174941/malware/new-eleven11bot-botnet-infected-86k-iot-devices.html
Published: Wed Mar 5 09:53:44 2025 by llama3.2 3B Q4_K_M
