Persistent Bots: Five Ways They Stay Enmeshed in Your Network

Attackers have created the first persistent internet-of-things botnet, Hide 'N Seek, using a well-known tactic from server- and desktop-based systems. Here are five ways the attackers stay on your system following a compromise. Earlier this year, the developers of a malicious program created to infect Linux-based internet-of-things (IoT) devices found a way for it to automatically reinstall the malware following a reboot. The malware, known as Hide ‘N Seek, is the first known example of an IoT botnet that can stick around after the user restarts a device. Known as persistence, such a feature makes malware much harder to clean from compromised systems and will likely cause significant headaches for service providers and the owners of the devices, said Bogdan Botezatu, senior e-threat analyst with software security firm Bitdefender, which published an analysis of the malware on May 7. "The rest of the (IoT) botnets, even if they have impressive numbers, fluctuate because they do not have persistence," Botezatu said.