New Fortinet findings show that the P2P Hide ‘N Seek (HNS) botnet now also includes exploits to target home automation systems and devices, noting: “Hide ‘N Seek authors recently included an exploit for a HomeMatic Zentrale CCU2 remote code execution vulnerability, the malicious code allows the botnet to target devices in smart homes controller by the HomeMatic central unit.” In response, a botnet expert with Corero Network Security offers perspective.
Sean Newman, Director Product Management at Corero Network Security:
“The continued evolution of the Hide ‘N Seek botnet, gathering up new IoT vulnerabilities which enable it to ensnare devices from an ever-expanding list of manufacturers, illustrates the extent to which attackers are now able to construct these damaging botnets. And the worrying thing is, that they no longer need to rely on the simplistic password brute-forcing of the original Mirai botnet. Organizations need to ensure they are prepared against the potential uses for these botnets, including the damaging DDoS attacks they can launch.”