- A
hacker ran a network of bots that compromised more than 10,000 devices for years, seemingly for one purpose: to downloadanime videos. - The botnet, called Cereals, went mostly undetected for 7 years because it served such a narrow purpose and used just a single exploit, according to a report from
cybersecurity firm Forcepoint. - Researchers at Forcepoint traced the bot activity back to a single user in Germany, who was using malicious code to fraudulently log into websites and retrieve direct links to anime.
- Visit Business Insider's homepage for more stories.
One alternative to paying top dollar for streaming content: Set up a sprawling network of bots that take over devices, fraudulently log into websites, and download videos for you.
That's exactly what one anime enthusiast has done, according to a new report from cybersecurity firm Forcepoint, first covered by ZDNet.
According to the report, one hacker built a botnet over the course of nearly 8 years that used malicious code to take over internet of things devices for the sole purpose of downloading anime videos. At its peak, the botnet compromised over 10,000 devices.
But the anime-focused botnet, called Cereal, evaded detection for so long because it seemingly served a narrow purpose and used just one exploit, according to Forcepoint.
"We were also hoping for exceptions amongst the heaps of Anime related requests, but either there is none, or it wasn't routed through our honeypots. We had to conclude that this is either a simplistic Hobby-VPN-Based-Web-Crawler project of someone or there is a hidden agenda behind the scenes that we lack the evidence of," Forcepoint researcher Robert Neumann wrote.
Forcepoint tracked the botnet back to an IP address in Germany, and noted that the creator's name is logged in some of the malicious code as "Stefan." According to Forcepoint, the anime-harvesting botnet is now on the decline after a different ransomware strain wiped it from most devices in 2019.
Read the original article on Business Insider