Cybernews reports that the newly-emergent Eleven11bot distributed Denial-of-Service (DoS) botnet has already compromised 86,400 security cameras, network video recorders, and other Internet-of-Things (IoT) devices worldwide — almost three times higher than estimated by the Nokia Deepfield Emergency Response Team, which initially identified the botnet last week.
Most of the infections were in the U.S. and the UK, which had nearly 25,000 and almost 11,000 impacted devices, respectively, according to The Shadowserver Foundation. The Eleven11bot botnet was previously disclosed by ERT to have launched DDoS intrusions of significantly varying intensities against communications service providers, gaming hosting infrastructure, and other industries.
Another report by GreyNoise showed mostly unspoofable IP addresses in the Eleven11bot botnet. With attackers leveraging brute-force tactics, targeting weak credentials, and scanning for vulnerable SSH and Telnet ports, organizations have been urged by GreyNoise to replace default passwords, apply firmware updates, and restrict unneeded remote access, as well as activate DDoS defenses.
