Reaper: The Professional Bot Herder’s Thingbot

blog / Oct 26, 2017 (MODIFIED: Nov 09, 2017)

by David Holmes, Justin Shattuck

While Reaper might be considered an “object lesson” today, it should serve as a blistering warning that IoT security needs to be fixed now.

Interview with the Experts: The Future of IoT Security through the Eyes of F5 Threat Researchers

blog / Oct 19, 2017 (MODIFIED: Nov 14, 2017)

by Debbie Walkowski

When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.

Proposed Legislation Calls for Cleaning Up the IoT Security Mess

blog / Oct 03, 2017 (MODIFIED: Nov 14, 2017)

by Ray Pompon, David Holmes

Legislation is a good first step toward persuading IoT manufacturers (who want to stay in business) to do the right thing when it comes to the security of their devices.

WireX Android DDoS Malware Adds UDP Flood

blog / Sept 01, 2017 (MODIFIED: Oct 04, 2017)

by Julia Karpin, Liron Segal, Maxim Zavodchik

As quickly as attackers commandeer IoT devices to build more “thingbots,” they continue to evolve their attack types and functionality.

"Cry 'Havoc' and Let Loose the Thingbots of War!"

blog / Aug 17, 2017 (MODIFIED: Sept 21, 2017)

by Lori MacVittie

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

The Hunt for IoT: The Rise of Thingbots

report / Aug 09, 2017 (MODIFIED: Oct 17, 2017)

by Sara Boddy, Justin Shattuck

With “thingbots” now launching Death Star-sized DDoS attacks, hosting banking trojans, and causing physical destruction, all signs are pointing to them becoming the attacker infrastructure of the future.

Default Passwords Are Not the Biggest Part of the IoT Botnet Problem

blog / Jun 06, 2017 (MODIFIED: Jul 20, 2017)

by Lori MacVittie

Providers and manufacturers could go a long way toward reducing the very real threat of IoT.

THE HUNT FOR IoT: The Networks Building Death Star-Sized Botnets

report / May 10, 2017 (MODIFIED: Aug 07, 2017)

by Sara Boddy, Justin Shattuck

With a growth rate of 1,473% in 2016, the hunt for vulnerable IoT devices rages on...

Marcher Gets Close to Users by Targeting Mobile Banking, Android Apps, Social Media, and Email

article / Apr 07, 2017 (MODIFIED: Sept 11, 2017)

by Doron Voolf

Marcher targets focused on European, Australian, and Latin American banks, along with PayPal, eBay, Facebook, WhatsApp, Viber, Gmail, and Yahoo—all in the month of March.

Speed Over Security Still Prevalent in Spite of Substantial Risk for IoT Apps

blog / Mar 03, 2017 (MODIFIED: Jul 06, 2017)

by Lori MacVittie

Speed to market means IoT and mobile apps are being released with known vulnerabilities.

IoT Threats: A First Step into a Much Larger World of Mayhem

blog / Jan 17, 2017 (MODIFIED: Sept 01, 2017)

by Ray Pompon

So far, we’ve seen IoT DDoS attacks on a Death Star scale. What's next for those of us that may be caught in the blast?

DDoS's Newest Minions: IoT Devices (Volume 1)

report / Oct 08, 2016 (MODIFIED: Jul 06, 2017)

by Justin Shattuck, Sara Boddy

The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices.

Mirai: The IoT Bot that Took Down Krebs and Launched a Tbps Attack on OVH

article / Oct 06, 2016 (MODIFIED: Jul 06, 2017)

by Liron Segal

The Mirai botnet has infected hundreds of thousands of Internet of Things (IoT) devices, specifically security cameras, by using vendor default passwords for Telnet access.

stay up to date

Get the latest application threat intelligence from F5 Labs.

There was an error signing up.
Thank you, your email address has been signed up.

Follow us on social media.