Cybersecurity specialists have uncovered an enormous Distributed Denial-of-Service (DDoS) botnet referred to as “Eleven11bot.”
This new menace, found by Nokia’s Deepfield Emergency Response Group (ERT), shared in LinkedIn, has compromised a staggering 30,000 community units, predominantly webcams and Community Video Recorders (NVRs).
The botnet has been noticed conducting hyper-volumetric DDoS assaults, primarily concentrating on sectors like communications service suppliers and gaming internet hosting infrastructure.
The Emergence of Eleven11bot
Recognized on February 26, 2025, Eleven11bot has quickly escalated to turn into one of many largest recognized DDoS botnet campaigns for the reason that invasion of Ukraine in February 2022.
Its development and measurement are distinctive amongst non-state actor botnets, marking it as a big menace within the cybersecurity panorama.
Eleven11bot’s assault vectors are numerous, using varied strategies to overwhelm focused programs with an onslaught of visitors.
The depth of those assaults varies, starting from just a few hundred thousand to a number of hundred million packets per second (pps).
Public boards have reported sustained assaults which have brought about service degradation lasting a number of days. In some instances, these assaults stay ongoing, impacting important infrastructure and disrupting operations.
Safety Measures
Fortuitously, prospects of Nokia’s Deepfield Defender have been protected in opposition to Eleven11bot’s assaults.
This safety is as a result of lively monitoring of those compromised units and the strong design of the DDoS resolution, which successfully mitigates the menace posed by this botnet.
GreyNoise Intelligence has supplied beneficial insights into the IPs concerned, serving to to additional perceive the scope and scale of Eleven11bot’s operations.
Because the cybersecurity group continues to watch and analyze this botnet, it’s important to deal with the underlying vulnerabilities that permit such intensive machine compromise.
The invention of Eleven11bot highlights the continuing challenges in securing IoT units like webcams and NVRs. As expertise advances and extra units turn into related, the potential for large botnets able to debilitating DDoS assaults will increase.
Each shoppers and enterprises must prioritize cybersecurity, making certain that susceptible units are patched and secured to stop future exploitation by malicious actors.
Within the face of those threats, the significance of collaboration between cybersecurity specialists and the event of strong safety options turns into more and more evident.
By staying vigilant and leveraging superior applied sciences, we are able to work in direction of mitigating such dangers and safeguarding our digital infrastructure in opposition to the evolving panorama of cyber threats.
Are you from SOC/DFIR Groups? – Analyse Malware Incidents & get stay Entry with ANY.RUN -> Begin Now for Free.
