Call it the attack of the zombie refrigerators.
researchers said this week they discovered a large "botnet" which
infected Internet-connected home appliances and then delivered more than
750,000 malicious emails.
The California security firm
Proofpoint, Inc., which announced its findings, said this may be the
first proven "Internet of Things" based cyber-attack involving "smart"
Proofpoint said hackers managed to penetrate
home-networking routers, connected multi-media centers, televisions and
at least one refrigerator to create a botnet or platform to deliver
malicious spam or phishing emails from a device, usually without the
Security experts previously spoke of such attacks as theoretical.
Proofpoint said the case "has significant security implications for
device owners and enterprise targets" because of massive growth expected
in the use of smart and connected devices, from clothing to appliances.
findings reveal that cyber criminals have begun to commandeer home
routers, smart appliances and other components of the Internet of Things
and transform them into 'thingbots,'" to carry out the same kinds of
attacks normally associated with personal computers.
firm that these appliances may become attractive targets for hackers
because they often have less security than PCs or tablets.
said it documented the incidents between December 23 and January 6,
which featured "waves of malicious email, typically sent in bursts of
100,000, three times per day, targeting enterprises and individuals
More than 25 percent of the volume was sent by things
that were not conventional laptops, desktop computers or mobile devices.
No more than 10 emails were initiated from any single device, making
the attack difficult to block based on location
already a major security concern and the emergence of thingbots may make
the situation much worse," said David Knight at Proofpoint.
of these devices are poorly protected at best and consumers have
virtually no way to detect or fix infections when they do occur.
Enterprises may find distributed attacks increasing as more and more of
these devices come online and attackers find additional ways to exploit