After striking major countries across the globe, malicious cyber threat “Hide and Seek” (HNS) can hit India a severe blow and the country must be prepared to tackle the cyber attack, a senior executive from Romanian cybersecurity and anti-virus software company Bitdefender has said.
“A malicious cyber threat in the shape of HNS botnet now hovers above the ginormous cyber network of India. While the world still healing from the scars of ransomware cyber-attack, we cannot afford to conjure any other of such attack with such tiny or no information — additionally more threatening and effective,” Zakir Hussain, Director, BD soft, Country Partner of Bitdefender, told IANS.
The botnet now controls 32,312 Internet of Things (IoT) devices globally and seems to undergo massive development as new samples compiled for a variety of architectures have been added as payloads.
“This menace being hardly traceable, can hit India a severe blow. Though the latest technology adopted by the governmental departments of India is sophisticated and safeguarded, ‘prevention is always better than cure’,” Hussain added.
“When the world is still in a rivalry to ‘Hide and Seek’, India can be one of the countries on the list and must be prepared,” he added.
The emerging botnet, that uses custom-built peer-to-peer communication to exploit victims, was spotted by security researchers at Bitdefender Labs on January 10 before it disappeared for a few days.
It returned 10 days later on January 20 in a new and significantly improved form, the researchers said.
“The HNS botnet communicates in a complex and decentralized manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it. The bot can perform web exploitation against a series of devices,” Bitdefender researchers wrote in a blog post.
Once a device is infected, hackers behind the botnet can use commands to control it.
However, the researchers noted that like most IoT botnets, HNS cannot establish persistence on infected devices. With a simple device reboot, the malware can be automatically removed from the compromised device.