Marketplace All-in-One

How botnets infiltrate the internet of things

7 min
Apr 15, 2026
Summary

This episode explores how botnets infiltrate internet-connected devices like routers and TV boxes, turning them into enslaved systems for distributed denial-of-service attacks. Cybersecurity journalist Brian Krebs discusses the mechanics of botnet operations, including the Kim Wolf botnet that compromised over 3 million devices, and provides consumer guidance on protecting against infection.

Insights
  • Botnets exploit the high-bandwidth connections of home routers and TV boxes, leveraging hundreds of thousands of compromised devices to launch devastating DDoS attacks that even major internet destinations struggle to withstand
  • Cheap streaming TV boxes with pre-installed malware represent a significant attack vector, as users unknowingly agree to download malicious app stores when seeking access to pirated content
  • Most consumers cannot easily detect if their devices are compromised, making router replacement every 5 years a practical security baseline rather than a luxury upgrade
  • The botnet ecosystem relies on command-and-control servers that maintain persistent connections to infected devices, enabling real-time attack coordination and malware updates across millions of systems
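Added illustration, not from the episode or from Krebs's reporting: the check-in behaviour described above (infected devices phoning home to a control server every few minutes) shows up in a home-network flow log as connections to one destination at a near-constant interval. The script below, run over a constructed flow log, scores each source/destination pair by the regularity of its connection timing so a defender can pick out devices that deserve a closer look; the addresses, log format and threshold are assumptions.

```python
import statistics
from collections import defaultdict

# Constructed sample flow log (not real traffic): "epoch_seconds src dst:port".
# 192.168.1.20 checks in with one host every ~5 minutes, like an infected
# device polling its controller; 192.168.1.50 visits a site at irregular times.
SAMPLE_FLOWS = """\
1000 192.168.1.20 203.0.113.5:443
1010 192.168.1.50 198.51.100.7:443
1300 192.168.1.20 203.0.113.5:443
1600 192.168.1.20 203.0.113.5:443
1905 192.168.1.20 203.0.113.5:443
2200 192.168.1.20 203.0.113.5:443
2250 192.168.1.50 198.51.100.7:443
2500 192.168.1.20 203.0.113.5:443
3900 192.168.1.50 198.51.100.7:443
4100 192.168.1.50 198.51.100.7:443
"""

def parse_flows(text):
    """Group connection timestamps by (source, destination) pair."""
    by_pair = defaultdict(list)
    for line in text.splitlines():
        if line.strip():
            ts, src, dst = line.split()
            by_pair[(src, dst)].append(int(ts))
    return by_pair

def beacon_score(timestamps):
    """Coefficient of variation of the gaps between connections:
    0 is perfectly periodic; None means too few samples to judge."""
    if len(timestamps) < 5:
        return None
    ts = sorted(timestamps)
    gaps = [later - earlier for earlier, later in zip(ts, ts[1:])]
    mean_gap = statistics.mean(gaps)
    return statistics.pstdev(gaps) / mean_gap if mean_gap else None

def find_beacons(text, max_cv=0.1):
    """Return [(src, dst, mean_gap_seconds, cv)] for pairs whose check-in
    timing is regular enough to warrant inspecting the source device."""
    hits = []
    for (src, dst), ts in parse_flows(text).items():
        cv = beacon_score(ts)
        if cv is not None and cv <= max_cv:
            ts = sorted(ts)
            mean_gap = (ts[-1] - ts[0]) / (len(ts) - 1)
            hits.append((src, dst, mean_gap, round(cv, 3)))
    return hits
```

A regular interval alone is not proof of infection (software update checks are periodic too), so treat a hit as a prompt to identify the destination and the device, not as a verdict.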
Trends
  • IoT device security remains critically underfunded, with massive amounts of deployed older hardware lacking security patches and manufacturer support
  • Botnets increasingly target consumer-grade networking equipment rather than traditional computers due to always-on connections and high bandwidth availability
  • Streaming piracy services bundled with malware represent a growing infection vector exploiting consumer demand for affordable entertainment
  • DDoS attack scale and sophistication continue to increase as botnet operators aggregate bandwidth from millions of compromised residential connections
  • Regulatory attention on botnet operations is increasing, with DOJ investigations using strong language around device 'enslavement' by malicious actors
Topics
  • Botnet architecture and command-and-control mechanisms
  • Distributed denial-of-service (DDoS) attack mechanics
  • IoT device security vulnerabilities
  • Router and TV box malware infection vectors
  • Streaming piracy and malware bundling
  • Residential broadband bandwidth exploitation
  • Consumer device security detection methods
  • Hardware replacement cycles and security updates
  • Proxy networks and anonymous traffic relaying
  • Department of Justice cybercrime investigations
  • Malware persistence and automatic updates
  • Pre-installed malicious software on consumer devices
  • Android operating system security on TV boxes
  • Network traffic monitoring and anomaly detection
  • Long-term device manufacturer support and patching
Companies
Department of Justice
Investigating botnet operations and using strong legal language describing infected devices as 'enslaved' by operators
People
Brian Krebs
Guest expert discussing botnet mechanics, the Kim Wolf botnet, and consumer protection strategies against device comp...
Stephanie Hughes
Host conducting interview and guiding discussion on botnet infiltration of IoT devices
Quotes
"Could your innocent-looking router or TV box actually be part of a botnet?"
Stephanie Hughes (Opening)
"The infected devices were enslaved by the botnet operators and then forced to attack other computers."
Stephanie Hughes, citing DOJ (Mid-episode)
"They're sitting on really powerful internet connections. And it's not just incoming traffic, right? They can turn these systems, enslave them into bots and then force them to participate in these large DDoS attacks."
Brian Krebs (Mid-episode)
"If you haven't gotten a new router in the last five years, it's probably time to do that because you are going to see some overall security improvements."
Brian Krebs (Closing advice)
"We have a problem here where we've still got this massive amount of deployed older hardware that isn't secured and probably won't be."
Brian Krebs (Closing)
Full Transcript
This episode is sponsored by Morgan Stanley's Thoughts on the Market. Today's financial markets move fast. Morgan Stanley moves faster, with their daily podcast, Thoughts on the Market. Thoughts on the Market covers daily trends across the global investment landscape, with actionable insights from Morgan Stanley's leading economists and strategists. And, with most episodes under five minutes long, staying informed has never been easier. Listen and subscribe to Thoughts on the Market wherever you get your podcasts.

This Marketplace podcast is supported by Faegre Drinker, one of the largest law firms in Minnesota, with nearly 300 Minneapolis attorneys helping clients solve complex legal issues in meeting their goals in the Twin Cities and beyond, fagreedrinker.com.

Could your innocent-looking router or TV box actually be part of a botnet? For American Public Media, this is Marketplace Tech, I'm Stephanie Hughes. How about these devices? Routers, computers, web cameras, they all connect to the internet and they can be infected with malicious software that lets someone else, not the device's rightful owner, take over. The device becomes a bot, essentially. And a group of these devices, networked together, becomes a botnet. These botnets can then be used for nefarious purposes, like distributed denial of service attacks, without the device owners even knowing about it. Cybersecurity journalist Brian Krebs recently wrote about several large botnets, including one called Kim Wolf, that compromised more than 3 million devices.

They're mainly compromising not just routers but TV boxes. They advertise the ability to view dozens or hundreds of streaming services that cost money for free, for a one-time fee. They tend to come pre-installed with malicious software and things that turn your system into a bot.

Just to make sure I understand, is it that the TV boxes have the botnet already in it, or that people are installing some kind of software where the botnet is involved?

They either come pre-installed or it comes out of the box with Android's operating system and everything set up. In order to use it for those streaming services, you have to agree to download an entire new App Store, and then only then do the apps which allow you to view the pirated content show up as available for download. Kim Wolf and these other botnets figured out that if you have one of these TV boxes on your local network, they phone home to a proxy network. A proxy network is just basically using somebody else's computer or connection to funnel your malicious activity.

We'll be right back.

The economy is a lot right now. We can't control interest rates or tariffs. As a business owner, you can only control how efficiently your business operates. Payroll is also a lot of late nights, double checking numbers, worrying about missing tax filings or costly mistakes. That's where Gusto comes in. Gusto is online payroll and benefit software built for small businesses. It's all-in-one, remote-friendly and incredibly easy to use so you can pay, hire, onboard and support your team from anywhere with automatic payroll tax filings, simple direct deposits, and built-in tools for offer letters and onboarding documents. Gusto helps reduce administrative workload and streamline day-to-day operations. When every hour counts, having systems run smoothly can make a meaningful difference. Try Gusto today at gusto.com slash marketplace tech and get three months free when you run your first payroll. That's three months of free payroll at gusto.com slash marketplace tech.

This Marketplace podcast is supported by CafePress.com. At a time when marketing costs to business continue to increase, promotional products are the most lasting form of advertising. CafePress.com makes it affordable to put your brand on apparel, drinkware, bags and thousands of other promotional products with super-fast turnaround, plus big savings with quantity discounts. And now you can get 20 custom 11-ounce mugs with your logo for only $99. Join the tens of millions of customers who have discovered CafePress and unlock your savings at CafePress.com slash marketplace.

You're listening to Marketplace Tech. I'm Stephanie Hughes. We're back with cybersecurity journalist Brian Krebs. He writes at the site Krebs on Security. I was reading about the Department of Justice's investigation into these attacks, and the DOJ uses some super strong language around this, saying the infected devices were, quote, enslaved by the botnet operators and then forced to attack other computers. This is so creepy, Brian. Tell me about what's happening here.

I mean, in a sense, what's happening here is the systems, mostly routers or, as we say, TV boxes, they're made for one purpose and they're being co-opted for use in another. Now, if you're an average, let's say cable modem user here in the US, you probably have something on the order of a 100 megabit connection down, download, right? So that's pretty fast. You also have an upload speed that is going to be very, very fast. And you may or may not notice your system being used, you know, some or a portion of all that bandwidth being used for nefarious purposes. If you've got such huge fat pipes, which is kind of the problem with a lot of these hacked routers, right, they're sitting on really powerful internet connections. And it's not just incoming traffic, right? They can turn these systems, enslave them into bots and then force them to participate in these large DDoS attacks. And each individual machine might use a small portion of its bandwidth in this attack. But in the aggregate, you have tens or hundreds of thousands of systems hitting the same target at the same time with that traffic. It amounts to an enormous amount of traffic. And in the case of Kim Wolf and some of these other botnets, we're talking on the order of hundreds of thousands, if not millions, of systems they can use for these attacks. Very few destinations on the internet, and I'm talking even some of the biggest destinations, can withstand the amount of traffic deluge that comes at them from one of these attacks. Just the sheer volume of systems and the volume of bandwidth that they can take advantage of. So it's quite, I don't think it's an overstatement at all.

Yeah. And with a DDoS attack, a distributed denial of service attack, you know, tell me more about the mechanics of that and what the goal is with it.

Well, the mechanics are really simple. So if your machine gets commandeered by one of these botnets, well, first of all, they will probably install malicious software on it to maintain a permanent presence on that device. And then what it will do is instruct the infected system to phone home to what they call a command and control server that is used by the bad guys who control the botnet to control the distributed activities of the botnet. So your system, if it's infected with one of these things, will phone home every few minutes to a control server. That control server may or may not have new instructions. It might say, hey, go download a new malware update for our malware. Oh, hey, we're all attacking this website. Go do that now. Hey, here's some traffic that we'd like you to relay for us anonymously. Here you go.

You know, Brian, as we're talking, I'm feeling increasingly creeped out that there is a bot right now somewhere in my house in one of the devices. How can consumers check to see if any of their devices have been compromised?

That's not an easy thing to figure out. So my advice is, if you haven't gotten a new router in the last five years, it's probably time to do that because, number one, you are going to see some overall security improvements for these things. You're going to see considerable speed improvements, particularly on the Wi-Fi side. And you're going to probably end up with a system that patches itself, at least for the next five years or however long they're going to support it. We have a problem here where we've still got this massive amount of deployed older hardware that isn't secured and probably won't be. And so the sooner we can get more people to move to some of the modern router devices that enforce some of this stricter security, the better off we'll be.

That's cybersecurity journalist Brian Krebs. You can find his writing at Krebs on Security. His Resolverado produced this episode. I'm Stephanie Hughes and that's Marketplace Tech. This is APM.

What happens when your kid's childhood becomes your business? I'm Reema Khrais, and this week on This is Uncomfortable, we step inside the world of family influencers, where childhood turns into content and content turns into income. What does it do to the kids at the center of it all? And what does it reveal about modern motherhood? I think part of the reason that mom influencers and family vloggers are so popular in the United States specifically is because American motherhood is so lonely. Be sure to listen to This is Uncomfortable wherever you get your podcasts.