By exploiting a vulnerability in D-Link’s firmware, a man named Stefan was able to access tens of thousands of network devices over eight years.
According to a new report from the security company Forcepoint, a German hacker named Stefan has been running a gigantic bot network since 2012 without receiving any major attention until now.
The botnet is called Cereals and was the biggest in 2015 when it included tens of thousands of network recording and storage devices. Fortunately, many of the infected systems have since been taken out of use, so now the network is much smaller.
Judging from everything, the hacker had only one purpose with the botnet, namely to connect to websites and download lots of animated movies and TV series from Japan. To achieve this, a vulnerability was used in D-Link’s firmware.
The hacker could have used the vulnerability to access sensitive information or execute ddos attacks, but according to Forcepoint there is no evidence to suggest he did so.