- A new threat looms large on the horizon of cyberspace. After Mirai and Reaper, cybersecurity agencies have detected a new malware called Saposhi, which is capable of taking over electronic devices and turning them into ‘bots’, which can be then used for any purpose, including a Distributed Denial Of Service attack which, with enough firepower, can cripple entire industries.
- Saposhi is similar in its intensity to Reaper, which was taking over millions of devices at the rate of 10,000 devices per day. Various cyber security agencies are currently keeping tabs on it to get a better idea of what it is capable of.
- Malwares like Saposhi, Reaper and Mirai are primarily aimed at DDoS attacks, in which the malware first creates a network of bots — called a botnet — and then uses the botnet to ping a single server at the same time. As the number of pings are far beyond the server’s capacity, the server crashes and denies service to its consumers. For example, if a large enough botnet attacks the server of a fleet cab provider, its server will crash and scores of consumers will be unable to avail of its services.
- Meanwhile, officials said that Reaper continues to be a concern.
- “Once a malware is out into cyberspace, it is next to impossible to neutralise it. In such a scenario, consistent review of existing security mechanisms is the best course of action to follow.
- Over the four months since Reaper was released, there have been sporadic instances of consumers of various services, including some leading text messaging apps, being affected. However, we are yet to confirm whether these were due to Reaper.
How a malware works:
- A malware is released into cyberspace, with specific instructions programmed into it. The instructions direct the malware to take over as many devices connected to the internet as possible.
- Depending on its programming, the malware turns internet-connected devices into ‘bots’, and starts building a botnet.
- Malwares like Reaper and Saposhi are capable of identifying weaknesses in devices and exploiting them to turn the devices into bots.
- Once a large enough botnet is created, simultaneous pings are sent to a single server, causing a server failure, which is called a Distributed Denial of Service attack.
- Depending on the size of the botnet, malwares can execute multiple DDOS attacks at the same time, or over a period of time.