The deep web has things unknown to the surface web most of us go to. From the dark side of humans to pretty much the human knowledge. But if you thought that deep web is all about drugs, hacking business, ransomware and selling stolen data, the deep web has gone further than that.
Hackers inside the deep web are selling Distributed Denial of Service (DDoS) botnets. Access to compromised IoT-enabled devices are now for sale.
On October 21st, 2016, the internet was seeing web services that included Twitter, GitHub, PayPal, Amazon, Reddit, Netflix, and Spotify, etc. to have DNS problems, making them inaccessible. The cause of this was a fully-fledged DDoS attack to DynDNS.
Dyn reported a huge army of hijacked IoT devices that powered the massive DDoS attack.
But what seemed to be a well-planned attack, the deep web has that for sale.
According to Forbes, a darknet forum has been selling hacked IoT devices with 180,000 bots that can allegedly carry DDoS attacks up to 1 Tbps. The price asked for 50,000 bots has been set to $4,600 while 100,000 bots are available for $7,500.
Earlier, a DDoS attack at 1 Tbps conducted on OVH hosting through Mirai botnet and 145,000 hacked IoT devices.
DDoS is now a business opportunity.
DDoS attack is basically an increase in traffic (massive influx) that is pushed into servers of a targeted website. By flooding it with traffic, the servers can be overwhelmed with the massive increase. Depleting their resources, the services are then unable to respond.
Usual DDoS attacks use distributed source of traffic from computers running in offices to the ones you have in your house. They became slaves after being compromised to do the hackers' bidding to launch the attack simultaneously, periodically or at random times. But as the Internet of Things (IoT) became popular, those smart devices are now becoming part of the trick.
Now inside the deep web, we're seeing the beginning of IoT botnets sale listings.
IoT devices are meant to be smarter than their average non-connected counterparts. But the thing is, they're vulnerable to hacks because customers of the IoT devices rarely change the devices' default passwords. Second, security products such as antiviruses can be difficult to implement because IoT devices are more complex due to their diversity.
What makes things even worse is that hackers can spread their botnets to those IoT devices without being detected for a long period of time. Furthermore, DDoS using IoT devices are difficult to mitigate because those devices are embedded systems.
IoT devices in general have full internet connectivity, but most of the time they're just idle. Doing nothing with default known password, they can be easily be abused for DDoS purposes. They're like the perfect platform for hackers to initiate their attacks.