Source code of Fronton, Fronton-3D and Fronton-18, Russian cyber weapons, was leaked. Now you can stop the biggest Internet enemy

Cyber warfare is at its mayor activity level, showing this is the growing interest of the great world powers in the development of powerful cyber weapons. Digital Revolution, a group specialized in mobile hacking, revealed multiple documents describing a Federal Security Service (FSB), the Russian intelligence agency, request for the development of a software variant to launch massive cyberattacks against other countries using Internet of Things (IoT) devices.

Digital Revolution website

Digital Revolution leaked a folder with twelve files including technical details, specifications, diagrams and code snippets of the weapon, known as FRONTON, whose development took place between 2017 and 2018. According to this information, the FSB ordered the acquisition of the cyber weapon through Military Unit 64829, the code name of its Information Security Center.

FRONTON leaked documents

The mobile hacking group claims that there are three different versions of this project: Fronton, Fronton-3D and Fronton-18. In addition, Digital Revolution hackers assured that any of these tools can infect a smart device (whether cameras, light bulbs, speakers, among others), connecting them to a network and subsequently to a server responsible for the stability of online services in entire countries.  

Contractors who developed this malware recommended the FSB create botnets composed almost entirely of IP cameras and surveillance systems connected to the Internet: “Any device with the ability to stream video represents a strong enough communication channel to deploy denial of service (DDoS) attacks efficiently,” mentions one of the recommendations listed in these leaked documents. In addition, contractors highlight the ease with which these devices can be hacked using dictionary attacks and similar techniques used in mobile hacking.

FRONTON source code

The FSB estimates that an attack using a few hundred thousand IoT devices could cause a crash in social media platforms and file hosting services for hours. As if that weren’t enough, Fronton’s developers say an attack on small-country DNS servers could collapse any Internet connection in the affected territory.

The International Institute of Cyber Security (IICS) states that by the end of 2020, there will be more than 20 billion devices connected to the Internet, so the use of botnets could keep growing. In previous years, botnets like Mirai managed to infect up to 600,000 devices, generating large-scale DDoS attacks. The use of default passwords and lack of software updates are the main factors of attacks against IoT devices.