According to our data, the countries most vulnerable to IoT reaper by distribution of number of devices are South Korea, Brazil and the United States.
This new threat deserves our attention for a number of reasons. Unlike Mirai, Reaper does not attempt to crack the passwords of devices it targets, such as webcams and routers, but rather to exploit known vulnerabilities. Some of those vulnerabilities are fresh and were disclosed as recently as a few days ago. The list of susceptible devices includes models by some well-known vendors such as D-Link, TP-Link, and NETGEAR, as well as devices running the ubiquitous embedded web server GoAhead. Another point of concern is the inclusion of a built-in Lua (an interpreted scripting language designed for embedded systems) execution environment, allowing for powerful and complex attacks.
Here at Reposify, we are in a unique position to truly appreciate the full potential of Reaper. As a company whose business is to understand IoT devices and digital assets worldwide, we have come up with a tool helping users to assess their own networks by checking their source IP.
Regardless of the sophistication and spread of Reaper, we hope the tools and knowledge shared here with the security community will help to mitigate and contain the attack when it strikes.