IoT Army —
Poking Botnets with a Honeypot
Internet of Things (IoT) attacks are on the rise. In this session, I would like to share interesting stories about observing IoT botnet attacks with a single home-based honeypot.
At the beginning of 2017, I started to study telnet traffic with a honeypot. With the open source honeypot Glutton, I emulated a handful of telnet commands and listened to the Internet.
Various new Mirai variants were hitting the honeypot aggressively. With the marks and stains, I traced the trails to different notorious bot herders behind the scenes. In addition, there are sneaky Hajime botnet mutants that evolve with different evasive tricks over time, unexpected visitors with hilarious commands, misconfigured botnets, etc.