{"id":3541,"date":"2014-01-22T10:00:53","date_gmt":"2014-01-22T15:00:53","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=3541"},"modified":"2020-02-26T10:46:47","modified_gmt":"2020-02-26T15:46:47","slug":"beware-the-thingbot","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/beware-the-thingbot\/3541\/","title":{"rendered":"BEWARE THE THINGBOT!"},"content":{"rendered":"<p>We talk about <a href=\"https:\/\/www.kaspersky.com\/blog\/hacking-toilets\/\" target=\"_blank\" rel=\"noopener nofollow\">hackable consumer devices<\/a> a lot here on the Kaspersky Daily. Generally though, the hacks are hypothetical, performed in controlled environments by <a href=\"https:\/\/www.kaspersky.com\/blog\/car-hacking\/\" target=\"_blank\" rel=\"noopener nofollow\">computer scientists and professional hackers<\/a>, some of whom prefix and suffix their names with the title of Doctor or the letters PhD respectively.<\/p>\n<p style=\"text-align: center;\">\n<\/p><p>Today however, <a href=\"https:\/\/www.kaspersky.com\/blog\/black-hat-security-conference\/\" target=\"_blank\" rel=\"noopener nofollow\">consumer device attacks<\/a> became very real when researchers from the security firm <a href=\"http:\/\/www.proofpoint.com\/threatinsight\/posts\/your-fridge-is-full-of-spam-proof-of-a-Iot-driven-attack.php\" target=\"_blank\" rel=\"noopener nofollow\">Proofpoint<\/a> uncovered a spam campaign seeming to originate from connected multi-media centers, <a href=\"https:\/\/www.kaspersky.com\/blog\/the-smart-tv-that-watches-you\/\" target=\"_blank\" rel=\"noopener nofollow\">smart televisions<\/a>, at least one refrigerator, and a slew of other devices that technically aren\u2019t computers but pretty much look and act like computers.<\/p>\n<p>According to a report published on their ThreatInsights blog, while conducting some routine email-threat monitoring during the holidays, one of the company\u2019s researchers discovered some 750,000 spam messages coming from something other than a desktop or laptop computer. Rather, they claim, these messages are being generated by a botnet consisting of devices within <a href=\"https:\/\/www.kaspersky.com\/blog\/securing-the-internet-of-things\/\" target=\"_blank\" rel=\"noopener nofollow\">the Internet of things<\/a>. Or, as they are calling it, a \u201cThingbot.\u201d<\/p>\n<div class=\"pullquote\">One of the company\u2019s researchers discovered some 750,000 spam messages coming from something other than a desktop or laptop computer<\/div>\n<p>To be fair, the company claims that much of the spam is coming from fairly traditional devices, like routers and network-attached storage devices. In all, the researcher that uncovered the spam believes that the group machines generating these malicious messages \u2013 in addition to those we\u2019ve already discussed \u2013 could include XBOXes, PS3s, Nintendo Wiis, and various types of set-top boxes, much of which runs on embedded linux or apache operating systems of ARM-like microcomputers.<\/p>\n<p>\u201cThis proof of a systematic compromise of [Internet of things] devices and its subsequent use of those Thingbots to further attack other networks is something we\u2019ve never seen before \u2014 but suggests an unfortunate future for both home users and Enterprises, the latter of whom now faces an even larger volume of malicious attack capacity,\u201d the company wrote.<\/p>\n<p>Speaking of enterprises, Proofpoint says that vulnerable or infected appliances that are connected to the Internet can potentially pose a risk to corporate networks.<\/p>\n<p>\u201cAll a user has to do is use a remote [remote desktop protocol] connection, or conceivably simply take an action like checking their fridge from their work PC; if a classic drive-by or even a redirect has been installed, the work PC is now compromised (though this is arguably more farfetched),\u201d the company reasoned on their blog. \u201cClearly, as the trend towards smart devices and BYOD increases, the risk of Enterprise exposure increases correspondingly, exponentially.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We talk about hackable consumer devices a lot here on the Kaspersky Daily. Generally though, the hacks are hypothetical, performed in controlled environments by computer scientists and professional hackers, some<\/p>\n","protected":false},"author":42,"featured_media":3542,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2683],"tags":[264,78],"class_list":{"0":"post-3541","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-device-security","9":"tag-hackers"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/beware-the-thingbot\/3541\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/beware-the-thingbot\/2829\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/beware-the-thingbot\/2723\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/beware-the-thingbot\/3060\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/beware-the-thingbot\/2932\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/beware-the-thingbot\/2392\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/beware-the-thingbot\/3541\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/beware-the-thingbot\/3541\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/device-security\/","name":"device security"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=3541"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3541\/revisions"}],"predecessor-version":[{"id":33015,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3541\/revisions\/33015"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/3542"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=3541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=3541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=3541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}