Botnets serve a variety of purposes. Usually they are used to send unsolicited e-mail messages (a.k.a. spam), attack targets by sending crafted data packets, or perform similar activities. The Carna Botnet was created by an anonymous researcher to scan the IPv4 Internet. The creator called the project the Internet Census of 2012. The nodes of the botnet consisted of virtually unsecured IPv4 devices – modems and other network equipment. The points of entry were mostly Telnet management interfaces exposed to the Internet. Analysing the devices that were part of the Carna Botnet is well worth the effort. This is why we invited Parth Shukla (Australian Computer Emergency Response Team, AusCERT) to present his findings about the Carna Botnet at DeepSec 2013.
„A complete list of compromised devices that formed part of the Carna Botnet was obtained exclusively by Parth Shukla. This list is NOT publicly available from any source. This data was acquired directly from the anonymous researcher who performed the Internet Census. As confirmed by the researcher, AusCERT to date remains the only organization and researcher in the world that has the complete dataset. Relevant snippets of this data, however, have been provided to CERTs around the world in order to reduce the threat made explicit by the Carna Botnet.
This presentation at DeepSec will provide up-to-date analyses of all the different identifying information for each of the compromised devices that formed part of the Botnet. This detailed analysis will indicate the prevalence of easily-exploited vulnerabilities in different countries, regions and in the devices of different manufacturers. Therefore, what these security problems mean for DeepSec attendees, IT professionals and manufacturers around the world will be thoroughly examined. The ultimate aim of this presentation is to continue to draw public awareness to the larger concerns for information security professionals worldwide and for the world’s largest economy of Europe. Hopefully, this awareness will persuade manufacturers and even local ISPs to collaborate and address this problem. The Carna Botnet reminds us all that there are numerous, simpler vulnerabilities at risk of exploitation and in need of immediate attention.“
We highly recommend listening to this presentation.