Hackers are leveraging a critical vulnerability in D-Link DSL routers in an attempt to make them part of Satori, a botnet that is used to take down websites and mine digital coins according to researchers at Netlab 360. Ashley Stephenson, CEO of Corero Network Security commented below.
Ashley Stephenson, CEO at Corero Network Security:
“At this point, Corero detects scans that are indicative of a “bot-herding” phase, seeking devices to compromise as Sartori bots, potentially for multiple botnets owned by different botmasters. The question is, what will those who control the Sartori botnets do next? Will they quietly steal compute cycles to mine bitcoins and deposit them to secret wallets?; will they exfiltrate data hoping to find valuable information they can monetize?; or will they unleash DDoS attacks for a fee via the darkweb? Corero advises preemptive action for consumers using vulnerable routers – follow the manufacturer’s instructions to disable remote administration to reduce your exploit surface. We’ll continue to monitor this activity in advance of any reported attacks.”