Next-Gen Mirai

Presented at DeepSec 2017 „Science First!“, Unknown date/time (Unknown duration)

Badly secured embedded devices enabled the largest DDoS attack on critical networks seen to date: The Mirai attacks in 2016 were largely pegged on Internet-exposed telnet with default credentials. While such telnet accounts are hopefully on their way out, we had a look at the next available hacking options to compromise masses of IoT devices. It turns out that IP cameras can still be compromised remotely in many other ways - even if they are not exposed directly to the internet. In particular, we found issues in communication protocols, control servers and infrastructure design. This talk details how we found such next-gen Mirai vulnerabilities, and will demonstrate a number of them. After seeing what we saw, you will have little doubt that there will always be a bot army of compromised embedded devices.

Presenters:

  • Fabian Bräunlein - SRlabs
    Fabian studied IT-Systems Engineering at HPI in Potsdam, but was always more curious about taking such systems apart. He now works as a Security Researcher and Consultant at Berlin-based hacker collective SRLabs. Fabians previous talks include hacking payment systems at 32c3 and travel systems at HEUREKA.
  • Balthasar Martin - SRlabs
    Balthasar lives in Berlin where he pursues a Masters in IT-Systems engineering while working at SRLabs. He is fascinated by a world populated by "smart" devices that turn out to be as smart as a slice of bread. After the DDoS on Brian Krebs, he got curious about additional ways to disturb the global Internet matrix.

Links:

Similar Presentations: