Over 25,000 hacked internet-connected CCTV cameras are being used for a denial-of-service botnet, according the researchers from the security firm Sucuri.
The discovery came after Sucuri mitigated a DDoS attack against a jewelry store site; it had been generating 35,000 HTTP requests per second. But after bringing the website back up, researchers said the attacks increased to nearly 50,000 HTTP requests per second. When the attack continued for days, the researchers discovered the attack botnet was leveraging only IoT CCTV devices which were located across the globe.
Although this is not the first CCTV-based DDoS botnet discovered, since 900 had been used in attacks last year, it is the largest yet to be discovered. “It is not new that attackers have been using IoT devices to start their DDoS campaigns,” Sucuri wrote, “however, we have not analyzed one that leveraged only CCTV devices and was still able to generate this quantity of requests for so long.”