Details of a botnet that took advantage of D-Link hardware vulnerabilities in order to download anime have been shared after nearly eight years of successful operation.
As ZDNet reports, the botnet was discovered by cybersecurity company Forcepoint after it was approached by the Search-Lab security research laboratory with some malicious code. What Forcepoint discovered on analyzing the code was a “cleverly designed small scale botnet targeting only NAS and NVR devices.” More specifically, the botnet targeted D-Link network video recorders (NVR) and network attached storage (NAS) devices to take advantage of a vulnerability in the SMS notification feature of D-Link’s firmware.
The botnet is called Cereals, and it used the D-Link vulnerability to execute commands with root priviliges. Using this method, Cereals was able to amass over 10,000 bots to do its bidding, but Cereals author didn’t want to access bank accounts or steal personal information. Instead, it seems the botnet was actually a hobby project with the sole purpose of downloading anime (Japanese animation) videos from a number of websites.
Forcepoint’s investigation attempted to track down who created the botnet, but all they could find was a name: Stefan, and the most likely country of origin being Germany. Forcepoint decribes Stefan as, “a highly motivated individual with good understanding of embedded devices, Linux systems and script programming” who demonstrated, “how simply it is to exploit a well-documented vulnerability while cleverly picking a target which is ideal for the purpose and where malicious code can reside undetected for a long period of time.”
The details of the Cereals botnet are being shared now because the threat of the vulnerability has passed. The D-Link hardware it relied on is being replaced and the ransomware strain Cr1pT0r removed Cereals from a lot of D-Link hardware during 2019. Even so, Cereals managed to survive as a functioning botnet that went mostly unnoticed between 2012 and 2019.
Of course, the methods available to watch anime legally have changed considerably since 2012, with a number of great anime streaming services now available. You can watch the classics or the very latest releases from Japan for not very much cash, or even for free if you don’t mind ads.