Hans D. Baumeister

Hans D. Baumeister

Internet Appliance Botnet-Attack

This article by Proofpoint seems to indicate that everyday, connected appliances such as TV’s, Media Centers, Network Routers and even a Refrigerator have been “assimilated” into a Botnet to send out Spam Emails.

While a Media Center likely has a full-blown Linux (or Windows, in the case of Microsoft devices) on it, a Router certainly will not. I’ve used a number of different Internet routers in the last 15 years, such as a simple D-Link device, an AVM Fritzbox and, in the last couple of years an appliance with m0n0wall installed.

I can’t, for the life of me, imagine that these offer the ability to install a botnet. Sure, give an experienced hacker a device that is open to the WAN side (none are when you pull them out of the box!) and enough time, they will likely gain access to at least the admin menu. Using that, I would imagine it is possible to install a different, roll-your-own firmware that would render the device into a “Borg”. This would, in all likelyhood render the router incapable of doing “it’s thing”, which would obviously uncover the heist very quickly.

That said, botnets aren’t installed by a human taking an hour to hack into the device and load a new firmware (or install malware), but by automated mechanisms run - usually - on other “assimilated” bots.

TV’s and refrigerators will likely also have slimmed-down Linux OS’s that would probably require replacing at least the Kernel to function as a bot; in the case of a TV, that should make using the device spotty at best.

Also, don’t forget: generally, these devices are all in a private network of some sort, protected by IP filters. Again, hackable by a human (given enough time) for sure, but likely not by an automaton.

I’m not a botnet expert, but this sounds too outlandish to be more than a highly interpreted piece of marketing...