Carna Botnet

How big is the internet?

How long would it take to scan the whole thing?

These questions have been answered in The Internet Census 2012. Yes, someone took the time and effort to map the entire internet. But how? With a botnet of course!

But this botnet was different. Normally, botnets consist of virus-infected computers that hackers use to do their bidding: sending spam, performing denial-of-service attacks, etc. This botnet did not consist of “computers” at all. It was built out of unsecured routers, 420,000 of them. It was created by what amounts to an internet worm built from pieces of OpenWRT, the open source router software that runs on home routers. Each node in the net would scan its little piece of the internet and also look for other suitable devices on which to run another copy of itself. Suitable devices were other routers that could run the necessary software and that had very poor passwords.

It’s interesting to see the data that the census came up with. Even more interesting is how many routers can be easily broken into without even needing to use firmware vulnerabilities: they can be broken into because of really poor passwords.


A map of the locations of the clients of the botnet