On January 30, 2018 a new mass exploitation tool called “Autosploit” was released on Github, a Git repository hosting service. Autosploit leverages Python code to automatically search for vulnerable devices connected to the Internet and then uses Metasploit’s collection of exploits to take over computers and IoT devices. It automatically trolls the Internet for vulnerable devices which can be leveraged for DDoS attacks. Autosploit is not new code, per se, because it is a combination of the previously existing Shodan and Metasploit modules, which have been used for penetration testing. However, this “marriage” of code makes it easier than ever for hackers to recruit new devices to their own botnet that could be used to mine cryptocurrencies, hack Internet applications or launch distributed denial of service (DDoS) attacks.
Autosploit enables both skilled cybercriminals and amateurs who lack technical expertise (also known as “script kiddies”) to form massive DDoS botnets, thus expanding the pool of potential hackers. As a result, many security experts predict an increase in the number of DDoS attacks and other cyber incidents.
A significant motivation behind DDoS attacks is for financial gain, via extortion and ransom threats. These new, evolving malware-as-a-service tools and techniques, is the signal that the gates are down and companies are faced with being attacked continuously. These forms of malware provide unending opportunities for cybercriminals to hijack vulnerable devices and subsequently launch attacks against online organizations with ease.
It is imperative for organizations to implement a next generation, Internet gateway that includes a best of breed DDoS layer of security to immediately detect and mitigate DDoS attacks. Without this DDoS mitigation layer, companies who are hit with a DDoS attack could face significant loss of revenues and reputation due to outages.
For more information, contact us.