IoT

Threat Modeling the Internet of Things: Modeling Reaper

Reaper is just one more blinking light in the faces of the InfoSec community reminding us that we need to get ahead of IOT madness.
By David Holmes
March 09, 2018
1 min. read

An advanced thingbot, nicknamed Reaper (or IoTroop), was recently discovered infecting hordes of IoT devices. Reaper ups the ante for IoT security. It has a sophisticated C2 channel system and a Lua code execution environment (to deliver much more complicated attacks), and it comes prepackaged with 100 DNS open resolvers.

Researchers are tracking Reaper, even though it hasn’t launched any attacks yet. Let’s hope it’s like Conficker—an original virus/botnet that at its peak enslaved 10 million Windows boxes, but was never activated.

Read the full article published December 13, 2017 here: http://www.securityweek.com/threat-modeling-internet-things-modeling-reaper by Security Week.

TAGS: Thingbot Cross-site scripting Injection Threats Cybercrime IoT remote code execution Espionage reaper Web Application Attacks Services Tier IoTroop Cross-site request forgery
Join the Discussion
Authors & Contributors
David Holmes (Author)
Sr. Threat Research Evangelist
About David All Articles

More from Learning Center

Forward and Reverse Shells
Forward and Reverse Shells
09/15/2023 article 5 min. read
Web Shells: Understanding Attackers’ Tools and Techniques
Web Shells: Understanding Attackers’ Tools and Techniques
07/06/2023 article 6 min. read
What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
07/05/2022 article 13 min. read