[nexa] Russia Has New Tool For Massive Internet Shutdown Attack, Leaked Documents Claim - Defense One

Alberto Cammozzo ac+nexa at zeromx.net
Sat Mar 21 21:30:31 CET 2020


As the world hunkers down in coronavirus isolation and relies on the
internet more than ever, a group of dissidents has revealed that Russia
has new tools to shut down internet services by tapping
internet-connected cameras and similar smart devices.

It’s a new version of an old weapon — a creator of botnets that can
drive an internet service offline with floods of fake data — that puts
to use a previously untapped source of computing power: the ever-growing
“internet of things.”

The new botnet tool was revealed in documents that give instructions for
using a suite of hacking apps called Fronton, Fonton-3D, and Fonton-18.

That doesn’t mean the Russian FSB security service will soon be peering
through Americans’ cell phones and laptops or internet-connected
doorbells. Instead, it means that the Russian government has a new tool
for creating a DDoS-capable botnet. These botnets harness the computing
power of millions of internet-connected things, direct them to spew
random data at specific computers, and overwhelm vital services into
uselessness. With millions of Americans newly teleworking during the
COVID-19 pandemic, the United States has never been more dependent on
the internet.

The internet of things, or IoT, is a term-of-art for the vast array of
electronic products that connect to the internet, from refrigerators to
medical equipment to automobiles. IoT vulnerabilities have long worried
national security experts who say adversaries could exploit them to shut
down entire sectors of digital capabilities and infrastructure.

The documents say “An attack on national DNS servers can make the
Internet inaccessible for several hours in a small country.”

On Wednesday, the group Digital Revolution claimed to have obtained
technical documents that detail a suite of hacking tools — Fronton,
Fonton-3D, and Fonton-18 — and offer advice for tapping into smart
devices, including security cameras. Created in 2017 and 2018 by
Russia’s FSB Information Security Center, the documents explain how to
use the tools to make large botnet attacks on critical national services.

More information about the nexa mailing list