Reaper, also known as IoTroop or IoR_reaper, is a large botnet mainly comprised of IoT devices such as IP cameras, network video recorders (NVRs), and digital video recorders (DVRs).
WireX is a large botnet that leverages Android-powered mobile devices to perform distributed denial-of-service (DDoS) attacks on targets. Network traffic generated by WireX was discovered by researchers on August 2, 2017 and the source of the malware infections that formed the botnet was traced to approximately 300 mobile apps available for download on the Google Play Store.
Linux.Proxy.10, or Proxy, is a Trojan that targets Linux devices. It was first identified in late 2016 and by the end of January 2017, thousands of devices had been infected. Attackers use other Trojans to initially compromise the device and create a new user “mother” with the password “f***er.” They then login to the infected device via Secure Shell (SSH) and download the Proxy Trojan.
MrBlack, first identified in May 2014 by Russian security firm Dr. Web, is a botnet that targets Linux OS and is designed to conduct distributed denial-of-service (DDoS) attacks. In May 2015, Incapsula clients suffered a large-scale DDoS attack which the company attributed to network traffic generated by tens of thousands of small office/home office (SOHO) routers infected with MrBlack. This massive botnet spans over 109 countries, especially in Thailand and Brazil.