TLP AMBER ANNOUNCEMENT:
The Reaper IoT is a recently discovered Internet of Things (IoT) botnet that is proving to be more sophisticated and aggressive than the infamous 2016 Mirai IoT botnet. Despite the large botnet size reported by Tenable, there are very few IoT Reaper specimens available on Virus Total and other malware sharing sites. This is important to note as the number of specimens is often a reflection of the amount of infections. For example, there are currently thousands of Mirai specimens as opposed to a few dozen IoT Reaper specimens available. To date, no Distributed Denial of Service (DDoS) attacks have been observed with the IoT Reaper botnet. Wapack Labs analysts are providing this document as a summary of mitigations and indicators for Reaper malware and observed exploits. Wapack Labs recommends testing of all signatures before deployment...READ MORE
Wapack Labs has cataloged and reported on IoT and botnets in the past. An archive of related reporting can be found in the Red Sky Alliance portal.
This TLP AMBER report is available only to Red Sky Alliance members.