Cyber warfare is at its mayor activity level, showing this is the growing interest of the great world powers in the development of powerful cyber weapons. Digital Revolution, a group specialized in mobile hacking, revealed multiple documents describing a Federal Security Service (FSB), the Russian intelligence agency, request for the development of a software variant to launch massive cyberattacks against other countries using Internet of Things (IoT) devices.
Digital Revolution leaked a folder with twelve files including technical details, specifications, diagrams and code snippets of the weapon, known as FRONTON, whose development took place between 2017 and 2018. According to this information, the FSB ordered the acquisition of the cyber weapon through Military Unit 64829, the code name of its Information Security Center.
The mobile hacking group claims that there are three different versions of this project: Fronton, Fronton-3D and Fronton-18. In addition, Digital Revolution hackers assured that any of these tools can infect a smart device (whether cameras, light bulbs, speakers, among others), connecting them to a network and subsequently to a server responsible for the stability of online services in entire countries.
Contractors who developed this malware recommended the FSB create botnets composed almost entirely of IP cameras and surveillance systems connected to the Internet: “Any device with the ability to stream video represents a strong enough communication channel to deploy denial of service (DDoS) attacks efficiently,” mentions one of the recommendations listed in these leaked documents. In addition, contractors highlight the ease with which these devices can be hacked using dictionary attacks and similar techniques used in mobile hacking.
The FSB estimates that an attack using a few hundred thousand IoT devices could cause a crash in social media platforms and file hosting services for hours. As if that weren’t enough, Fronton’s developers say an attack on small-country DNS servers could collapse any Internet connection in the affected territory.
The International Institute of Cyber Security (IICS) states that by the end of 2020, there will be more than 20 billion devices connected to the Internet, so the use of botnets could keep growing. In previous years, botnets like Mirai managed to infect up to 600,000 devices, generating large-scale DDoS attacks. The use of default passwords and lack of software updates are the main factors of attacks against IoT devices.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
