Reaper IoT Botnet

The Reaper IoT botnet is nowhere near as threatening as previously suggested, a new research has claimed.

11:44 31 October 2017

Last week, Check Point Software Technologies claimed that the Reaper IoT botnet might have already infected “an estimated million organisations.” However, Boffins at Arbor networks said that the botnet is nowhere near as threatening. It estimates that the actual size of the Reaper botnet tends to fluctuate between 10,000-20,000 bots. However, it warned that this number could increase at any time.

 

Since the bot has been discovered, two million more hosts have been identified by the botnet scanners as potential Reaper nodes. But for reasons that are yet to be established, they have not been subsumed into the zombie network.

 

Possible explanations include misidentification due to flaws in the scanning code, scalability/performance issues in the Reaper code injection infrastructure, or a deliberate decision by the botmasters to throttle the propagation mechanism.

 

Arbor researchers reckon Reaper is likely intended for use as a booster/stresser service primarily serving the “intra-China DDos-for-hire market.”