An unidentified hacker created a botnet called "Carna" to make a world map of devices that use the IPv4 protocol. The criminal found that there are a lot of unprotected IPv4 devices on the Web. The only thing needed to take control of them was entering default account credentials, such as "root:root" or "admin:admin".
"I saw the chance to really work on an Internet scale, command hundred thousands of devices with a click of my mouse, portscan and map the whole Internet in a way nobody had done before, basically have fun with computers and the Internet in a way very few people ever will," the hacker stated.
To carry out his plan, the hacker created two binary files, 46 and 60 K each, written in C with two parts, and then downloaded these files to users' machines.
As a result, the cybercriminal was able to easily spy on IPv4 devices. He recorded every IP address that answered at least one of the 52 billion pings sent during June-October 2012. About 420 million IP addresses responded to pings sent by the Carna botnet.
The cybercriminal managed to take control of more than 420 thousand machines, which made up the Carna botnet. Such a number of bots indicates a low level of security of Internet-connected PCs.
The hacker claims he did not harm the bots, and that the downloaded files removed themselves after a reboot.
A full description of the botnet can be found here.