Next-gen IoT botnets - leveraging cloud implementations for shells on 500k IoTs

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 7, 2019, 4 p.m. (45 minutes)

Traditional IoT botnets operate pretty much like shooting fish in a barrel. With an elephant gun. This "space", however, is getting crowded and botnet masters will start looking for alternatives. This talk will show one of the possible futures - leveraging cloud platforms to mass hack hundreds of thousands of devices. We'll start with a quick 'n dirty crash course for those just getting started with IoT hacking, a brief glimpse into the current status of IoT botnets and get down to business with showing our research on a few popular IoTs with demos for each finding.


  • Alex "Jay" Balan
    Alex "Jay" Balan works as Chief Security Researcher and his career is focused on information security, innovation and product strategy, fields in which he has so far accumulated over 15 years of experience. He drove the vision for Bitdefender’s UNIX-based security solutions before kickstarting an ambitious project that would advance the company’s R&D department and steer a good part of the company’s focus towards technology and innovation