Eight days have passed since researchers first warned of a new, potentially Internet-paralyzing botnet made up of cameras, routers, and other so-called Internet-of-things devices. There are good reasons for concern that Reaper, as the botnet has been dubbed, could pose as big a threat as Mirai, the mass IoT infection that last year caused chaos with record-setting distributed denial-of-service attacks.
The more nuanced reality is that Reaper exhibits some unusual behavior that makes it impossible to assess the real danger the botnet presents. Some facts that have come to light over the past few days strongly suggest its developers are amateurs and don’t pose the existential Internet threat initially thought, particularly when comparing Reaper to another established IoT botnet that has gone largely ignored for more than a year.
Then again, Reaper exhibits other attributes that give it an advantage over other botnets. Chief among them is an infection mechanism unlike any seen before in an IoT botnet. Another advantage is that Reaper’s development platform is flexible enough to wage a suite of attacks that go well beyond mere DDoSes. With a few improvements and a few lucky breaks, Reaper could prove to be a real menace.