Hackers are reportedly targeting smart home devices across Russia to create large-scale botnets, which are being used to mine cryptocurrency and conduct distributed denial-of-service (DDoS) attacks, according to a March 24 report from Russian state-controlled news agency TASS.
Citing information from a Russian law enforcement agency, the report reveals that cybercriminals are exploiting vulnerabilities in internet-connected household devices to secretly hijack them for malicious purposes. These compromised networks are being used not only for crypto mining but also to carry out coordinated cyberattacks.
Smart Homes Turned Into Crypto Botnets
The attackers reportedly exploit weaknesses in smart home systems—such as security cameras, smart toothbrushes, temperature sensors, and other IoT devices—to gain control without the owner’s knowledge. Once hijacked, these devices are added to a botnet, a network of infected systems used to carry out a range of cyber activities.
The compromised devices are primarily being leveraged to mine cryptocurrencies like Bitcoin and Monero, a method commonly used by threat actors to profit from hijacked computing resources without incurring the energy costs. In addition, the botnets are being deployed in DDoS attacks, which flood online services or websites with traffic, rendering them inaccessible.
Surveillance and Data Harvesting Concerns
According to the law enforcement agency, there’s growing concern that hackers may also be using compromised smart home systems for surveillance purposes. By accessing security cameras and data from motion or temperature sensors, attackers might be able to determine when homeowners are away—raising serious privacy and security concerns.
While the scale and timeline of the attacks remain unknown, the report did not specify which devices or manufacturers are particularly vulnerable, nor did it elaborate on the exact method of infiltration.
A Persistent Threat in Crypto Cybercrime
The exploitation of connected devices for crypto mining is not new. Hackers have previously used malware embedded in torrent downloads or outdated software tools to launch similar attacks. In 2022, crypto.news reported on a method where malware was hidden in movie files to hijack crypto wallets and browser sessions.
In these cases, malware executed commands that injected malicious code into browsers like Firefox, replacing crypto wallet addresses with the attacker’s own and even attempting to reroute Wikipedia donations.
Ongoing Vigilance Required
This latest development underscores the ongoing vulnerabilities in the rapidly expanding Internet of Things (IoT) landscape. As more homes adopt smart devices, the risk of them being turned into tools for illicit activities like crypto mining and cyberattacks increases.
Experts recommend that users secure their smart home devices by updating firmware regularly, using strong and unique passwords, disabling unnecessary remote access features, and employing firewalls or network segmentation to isolate smart devices from critical systems.
As the line between digital and physical security continues to blur, the need for robust cybersecurity practices in smart homes becomes more critical than ever.
