P2P Botnet

This unusual new IoT botnet is spreading rapidly via peer-to-peer communication

A new Internet of Things botnet is the first of its kind to use custom-built peer-to-peer communication to spread to new targets.

Dubbed Hide 'N Seek (HNS) by the researchers at security company Bitdefender, the botnet first appeared in early January before disappearing then re-emerging on January 20.

The botnet communicates between devices using a decentralised peer-to-peer mechanism. It uses the same exploit as the Reaper botnet to infect devices, although there's currently no indication that the two armies of hijacked machines are related.

While Hide 'N Seek isn't the first botnet to have a peer-to-peer element -- the Hajime botnet used P2P architecture -- but rather than being constructed around a existing BitTorrent protocol, HNS uses a custom-built P2P system.

Equipped to carry out commands including data exfiltration, code execution, and interfering with a device's operation, initial reports said 2,700 devices were infected by the malware as of the end of January 23.

Now, under 48 hours later, the figure is thought to be over 24,000, and the botnet has spread around the globe. This is a network which just days ago was only made up of 12 devices in South-East Asia.