A new IoT botnet named RapperBot has been observed in the wild since mid-June.
“This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai,” a report from FortiGuard states.
The name comes from a URL embedded in earlier versions of the code that points to a YouTube rap music video. Once the botnet is created, it begins targeting Linux-based servers, with a suspected 3,500 unique IP addresses involved in brute-force attempts.
To reduce the impact of brute-force attacks, there are several simple steps that can be taken. MFA adds an extra layer of security: even if the password is successfully obtained, MFA will prevent further access. Implementing a lock-out after a defined number of unsuccessful attempts will reduce the number of attempts an attacker can make within short time frames. Lock-outs can also be linked to alerts that flag these unsuccessful attempts.
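The lock-out threshold and alerting described above, as an added example (not taken from the FortiGuard report or from this article): it counts failed SSH password attempts per source IP in a sliding window and reports when each IP crosses the threshold. The OpenSSH syslog line format, the threshold of 5 failures in 1 minute, the `year` parameter and the sample log lines are assumptions; the log lines are constructed and use documentation addresses.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd log lines (documentation IP ranges, not real data).
SAMPLE_LOG = """\
Aug  4 10:00:01 host sshd[1001]: Failed password for root from 203.0.113.7 port 40112 ssh2
Aug  4 10:00:03 host sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
Aug  4 10:00:04 host sshd[1003]: Failed password for alice from 198.51.100.20 port 51022 ssh2
Aug  4 10:00:05 host sshd[1004]: Failed password for root from 203.0.113.7 port 40116 ssh2
Aug  4 10:00:07 host sshd[1005]: Failed password for invalid user pi from 203.0.113.7 port 40118 ssh2
Aug  4 10:00:09 host sshd[1006]: Failed password for root from 203.0.113.7 port 40120 ssh2
Aug  4 10:00:12 host sshd[1003]: Accepted password for alice from 198.51.100.20 port 51022 ssh2
"""

# Matches OpenSSH "Failed password" entries for both valid and invalid users.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def find_lockouts(log_text, max_failures=5, window=timedelta(minutes=1), year=2000):
    """Return {source_ip: time the lock-out threshold was first crossed}.

    Assumes the log is in chronological order. Syslog timestamps carry no
    year, so `year` is supplied by the caller (assumed value by default).
    """
    recent = defaultdict(deque)   # ip -> timestamps of failures still in the window
    lockouts = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        failures = recent[m["ip"]]
        failures.append(ts)
        while ts - failures[0] > window:
            failures.popleft()    # drop failures that have aged out of the window
        if len(failures) >= max_failures and m["ip"] not in lockouts:
            lockouts[m["ip"]] = ts    # point at which to lock out and raise an alert
    return lockouts


if __name__ == "__main__":
    for ip, when in find_lockouts(SAMPLE_LOG).items():
        print(f"ALERT: {ip} reached the failure threshold at {when}")
```

A user who mistypes a password once and then logs in, like `alice` in the sample, stays below the threshold and is not flagged.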
To make it harder to brute force a password, it is essential to use complex passwords and keep them unique to every account. Password managers can help with this, as they can generate unique and complicated passwords and store them securely, so you do not have to remember every single password.