Cybersecurity specialists have uncovered a large Distributed Denial-of-Service (DDoS) botnet generally known as “Eleven11bot.”
This new menace, found by Nokia’s Deepfield Emergency Response Workforce (ERT), shared in LinkedIn, has compromised a staggering 30,000 community gadgets, predominantly webcams and Community Video Recorders (NVRs).
The botnet has been noticed conducting hyper-volumetric DDoS assaults, primarily focusing on sectors like communications service suppliers and gaming internet hosting infrastructure.
The Emergence of Eleven11bot
Recognized on February 26, 2025, Eleven11bot has quickly escalated to develop into one of many largest identified DDoS botnet campaigns for the reason that invasion of Ukraine in February 2022.
Its development and dimension are distinctive amongst non-state actor botnets, marking it as a big menace within the cybersecurity panorama.
Eleven11bot’s assault vectors are numerous, using numerous strategies to overwhelm focused techniques with an onslaught of site visitors.
The depth of those assaults varies, starting from a number of hundred thousand to a number of hundred million packets per second (pps).
Public boards have reported sustained assaults which have induced service degradation lasting a number of days. In some circumstances, these assaults stay ongoing, impacting vital infrastructure and disrupting operations.
Safety Measures
Thankfully, clients of Nokia’s Deepfield Defender have been protected towards Eleven11bot’s assaults.
This safety is because of the energetic monitoring of those compromised gadgets and the sturdy design of the DDoS resolution, which successfully mitigates the menace posed by this botnet.
GreyNoise Intelligence has offered invaluable insights into the IPs concerned, serving to to additional perceive the scope and scale of Eleven11bot’s operations.
Because the cybersecurity neighborhood continues to observe and analyze this botnet, it’s vital to deal with the underlying vulnerabilities that enable such in depth machine compromise.
The invention of Eleven11bot highlights the continued challenges in securing IoT gadgets like webcams and NVRs. As know-how advances and extra gadgets develop into linked, the potential for large botnets able to debilitating DDoS assaults will increase.
Each shoppers and enterprises have to prioritize cybersecurity, making certain that susceptible gadgets are patched and secured to forestall future exploitation by malicious actors.
Within the face of those threats, the significance of collaboration between cybersecurity specialists and the event of sturdy safety options turns into more and more evident.
By staying vigilant and leveraging superior applied sciences, we will work in the direction of mitigating such dangers and safeguarding our digital infrastructure towards the evolving panorama of cyber threats.
Are you from SOC/DFIR Groups? – Analyse Malware Incidents & get reside Entry with ANY.RUN -> Begin Now for Free.