Slashdot Mirror


BrickerBot Dev Claims Cyber-Attack That Affected Over 60,000 Indian Modems (bleepingcomputer.com)

An anonymous reader quotes a report from Bleeping Computer: "The author of the BrickerBot malware has claimed a cyber-attack that affected several Indian states and has caused over 60,000 modems and routers to lose Internet connectivity," reports Bleeping Computer. "The incident affected modems and routers belonging to Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL), two Indian state-owned telecommunications service providers." The BrickerBot malware infected modems that used default passwords and modems that the two ISPs left exposed via the TR069 management interface to connections from anywhere on the Internet. BrickerBot is a malware strain that affects Linux-based IoT and networking devices. Unlike other malware that hoards devices into botnets for DDoS attacks and other purposes, BrickerBot "bricks" the equipment by rewriting its flash storage with random data. In most cases this bricking effect can be reversed, but in some cases this is permanent. BSNL and MTNL had worked to fix problems but efforts were delayed after a BSNL workforce strike. The BrickerBot author also raised the alarm about similar exposed devices on the network of Pakistan Telecommunication Company Limited (PTCL). In April, the BrickerBot author claimed he bricked over 2 million devices.

14 of 32 comments

  1. Was that a blanket attack? by tirnacopu · · Score: 1

    (sorry, will be here all week, try the veal)

  2. Re:what's the point? by Anonymous Coward · · Score: 3, Insightful

    The problem is that it simply isn't true anymore with botnets. Before them all of the idiots getting infected wasn't a problem to people who were doing security right. However now mass armies of zombie-botnets are causing major persistent DDOS problems to the people who are doing the right things, and worse trying to get ransoms from it. I don't necessarily approve of what brickerbot's author is doing morally and legally but there is a valid logic to it. Either stop your systems from being a threat to everyone else or have them wrecked. Bricking is also something fixable by someone with enough expertise at least - who would also be more than capable of actually securing it and inclined to do so after they had fixed the previous mess.

  3. Re:what's the point? by Gravis Zero · · Score: 4, Informative

    > what's the point, really?

    To remove insecure devices from the internet rather than allow bad actors to take advantage of them.

    > The only victims here are people who aren't responsible for this.

    If you paid money for an insecure device, you are responsible for financing a distributor of insecure devices.

    > Yes, we know shit is insecure,

    And you should also know that insecure shit is going to be bricked.

    > but take it on the people responsible for this, not on the users. They will still be billed. And no one will be fired for the mistake.

    If you give enough people a headache, they will give other people a headache for it happening. Eventually, the people responsible will either change their ways or it's going to be a painful decade for them.

    --
    Anons need not reply. Questions end with a question mark.
  4. Re:what's the point? by geekmux · · Score: 4, Insightful

    > what's the point, really? The only victims here are people who aren't responsible for this. They're left without internet for days until this is fixed. Yes, we know shit is insecure, but take it on the people responsible for this, not on the users. They will still be billed. And no one will be fired for the mistake.

    The entire point of targeting insecure hardware is to get the attention of those who created that clusterfuck in order for them to fix it.

    Yes, that sometimes means innocent victims get caught in the crossfire. That bullshit will continue until vendors pull their head out of their ass and learn to prioritize security over profits. And speaking of profits and impact, if I were the customer, I certainly would not be paying for service during an outage. I'd be demanding a refund and consider leaving for another provider.

  5. Re:what's the point? by Ol Olsoc · · Score: 5, Insightful

    > If you give enough people a headache, they will give other people a headache for it happening. Eventually, the people responsible will either change their ways or it's going to be a painful decade for them.

    My boss told me years ago, that the best way to get action from someone with a problem I was having was to make it their problem.

    And damned if that wasn't some of the best advice I ever got. Yes, it pissed off some folks, but yes, they remembered that I expected a quick response in the future.

    I don't care if these people using this insecure hardware are blacklisted until they remove it. Watch how quickly that particular problem goes away.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  6. Re:what's the point? by Alok · · Score: 1

    This is the first time I'm hearing of BrickerBot, but did the author release any news that this is a clever strike against the diabolical surveillance capabilities of intelligence agencies? It seems like a response by someone tired of armies of DDOS bots crowding the internet and a lack of action by popular ISPs to secure their own devices.

    Sure, in future (or even at present) many governments will classify this as 'terrorism', as punishments are much easier to sell to public under terrorism laws regardless of actual intent or magnitude of the crime. But even so, it will remain far easier for black hats to actually effect positive change in getting rid of botnets - white hats who actually report bugs are quite likely to be just ignored, with a small chance of actually getting charged for intrusion instead. Think of the recent story of the 'hacker' who used Firebug to get cheaper train fare or something in Belarus or w/e ... the company just ended up calling the cops on him! Having such actions subject to stronger anti-terrorism laws, and as usual without proper exemptions for responsible reporting, will only end up with responsible white hat types having a harder time in fixing or reporting major issues that they come across.

  7. Re:what's the point? by Alok · · Score: 1

    > They're left without internet for days until this is fixed.

    These are days which they will spend complaining about service, and some will be shopping around for other providers. If a significant fraction jump ship, the ISP is going to get a sudden motivation boost to start reading up on basic security practices that are essential in a highly connected world.

  8. Aren't responsible? by n329619 · · Score: 1

    Same with Air Pollution,
    Same with Privacy,
    Same with Getting DDoS,
    Same with Every Other Problem in the global world.

    Just because you are ignorant, doesn't mean you are excused from responsibility.

    In this case where you are not part of the Solution, You are part of the Problem.

    1. Re:Aren't responsible? by hjf · · Score: 1

      So you're responsible for Trump?

  9. Where is the problem ? by LordHighExecutioner · · Score: 1

    Given the real level of technology there, they hacked 60,000 Bell 202 modems...

  10. Re:what's the point? by parkinglot777 · · Score: 2

    > And speaking of profits and impact, if I were the customer, I certainly would not be paying for service during an outage. I'd be demanding a refund and consider leaving for another provider.

    Well, we are talking about India here. I am not so sure that their country would have a similar way of dealing with bad services. If you have ever lived in one of the 3rd world countries, you may get some ideas of how disadvantaged consumers are...

  11. Re:what's the point? by tlhIngan · · Score: 1

    > These are days which they will spend complaining about service, and some will be shopping around for other providers. If a significant fraction jump ship, the ISP is going to get a sudden motivation boost to start reading up on basic security practices that are essential in a highly connected world.

    This is India we're talking about. The ISP is probably the local telephone company which is run by the government. And disparaging the government will get you disappeared. In a country of 1.4+ billion people, no one would notice. (India and China are basically neck and neck for most populous country, and the "leader" switches frequently).

    And if they knocked an entire village offline, that means a 2-day trek to check their email again, and kids are stuck without educational materials, so go work in the fields.

  12. Re:what's the point? by Aristos Mazer · · Score: 1

    Many areas of the USA are served by only one ISP. I can't believe it is much different in India. For many people, there isn't any such thing as "shopping around".

  13. Re:what's the point? by hjf · · Score: 1

    That's the problem with the average Slashdot user "hurr durr if your ISP is bad, just switch".