According to a new report from cybersecurity firm Netscout, DDoS attacks have are becoming more frequent and complex as a result of Covid-19 and the remote working explosion.
The report, which analyzes the effects of remote working on the overall cybersecurity posture in the UK, states that cybercriminals “continued their impressively efficient efforts to syphon in the latest IoT exploits and churn out new Mirai-based variants.”
For context, the researchers logged 929,000 DDoS attacks in May alone.
Mirai (a botnet that hijacks IoT devices uses its bandwidth to execute large-scale DDoS attacks) variants continue to be the most dominant botnets out there, but several non-Mirai IoT malware samples also caught Netscout's attention.
Gafgyt, a multi-architecture IoT bot, for example, comes with “several similarities to Mirai”.
“Gafgyt has used telnet with default/factory credentials and exploits to spread to vulnerable IoT devices,” the researchers explained. “Like Mirai, Gafgyt supports several TCP, UDP, and HTTP based DDoS attacks.”
The report also claims that whoever is responsible for creating Gafgyt remains active, as it is “continuously undergoing development”.
Netscout claims to have spotted a significant spike in Gafgyt samples from February through June.