Linux.Wifatch makers plan to go after Lizard Squad's botnet

Feb 10, 2016 16:35 GMT
Lizard Squad and The White Team enter a cyber-war for control over weak IoT devices

The very same hackers that created the Linux.Wifatch malware last October are now planning to take over Lizard Squad's botnet of infected IoT devices in an attempt to shut down their operations, Thomas Fox-Brewster reports for Forbes.

While in past years hackers relied on malware that infected desktop PCs to create a bot network to use in DDoS attacks, this changed with the rise of smart IoT devices.

Because of countless insecure and improperly designed and configured smart devices, hacking crews are finding that abusing zero-days and vulnerabilities discovered in IoT equipment allows them to build bigger botnets at a much faster pace than by targeting regular PCs.

This is exactly how the infamous Lizard Squad built its botnet and is now selling access to some of its machines via its online subscription service called Lizard Stresser.

Enter The White Team, the Internet's vigilante white hat hackers

It's for this reason that, last October, a team of anonymous security researchers teamed up to create The White Team and later put together a malware family called Linux.Wifatch.

This particular trojan (if you can call it that) has been seen by many security companies infecting routers and then boosting their security measures.

According to an email they've shown to Forbes, these goody-two-shoes hackers have received mocking emails from Lizard Squad's admin, trying to deter them from their current endeavor.

While the Lizard Squad member was boasting about having a botnet of between 150,000 and 200,000 infected devices, he seemed pretty concerned about The White Team's clean-up campaign.

Lizard Squad has a botnet of 150K-200K devices, The White Team has 50K-70K

For their part, The White Team has revealed to the Forbes reporter that their botnet has grown from the 10,000 routers it had in October and now constantly fluctuates between 50,000 and 70,000 machines, something that an independent security researcher from Symantec has been able to confirm.

Although only at the level of a kindergarten spat, these he-said, she-said exchanges reveal some concern from Lizard Squad, who may have lost crucial territory thanks to The White Team's vigilante campaign.

Because of the infamous DDoS attacks that Lizard Squad carried out against the PlayStation and Xbox networks on Christmas 2014, many people are probably rooting for The White Team.

Many are hoping that, besides the 2015 arrests that crippled the original Lizard Squad hacking crew, these undercover security researchers will also shatter the group's botnet and put an end to its technical capabilities and main revenue stream.