After striking major countries across the globe, malicious cyber threat "Hide and Seek" (HNS) can hit India a severe blow and the country must be prepared to tackle the cyber attack, a senior executive from Romanian cybersecurity and anti-virus software company Bitdefender has said.
Zakir Hussain, Director, BD Soft, Country Partner of Bitdefender, told IANS,
A malicious cyber threat in the shape of HNS botnet now hovers above the ginormous cyber network of India. While the world still healing from the scars of ransomware cyber-attack, we cannot afford to conjure any other of such attack with such tiny or no information — additionally more threatening and effective.
The botnet now controls 32,312 Internet of Things (IoT) devices globally and seems to undergo massive development as new samples compiled for a variety of architectures have been added as payloads. Hussain added,
This menace being hardly traceable, can hit India a severe blow. Though the latest technology adopted by the governmental departments of India is sophisticated and safeguarded, 'prevention is always better than cure'.
"When the world is still in a rivalry to 'Hide and Seek', India can be one of the countries on the list and must be prepared," he added.
The emerging botnet, that uses custom-built peer-to-peer communication to exploit victims, was spotted by security researchers at Bitdefender Labs on January 10 before it disappeared for a few days.
It returned 10 days later on January 20 in a new and significantly improved form, the researchers said.
"The HNS botnet communicates in a complex and decentralised manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it. The bot can perform web exploitation against a series of devices," Bitdefender researchers wrote in a blog post.
Once a device is infected, hackers behind the botnet can use commands to control it.
However, the researchers noted that like most IoT botnets, HNS cannot establish persistence on infected devices. With a simple device reboot, the malware can be automatically removed from the compromised device.