12 Apr 2016

Mirai malware, the IoT botnet that crippled the security website Krebs On Security and launched a heavy DDoS attack on hosting provider OVH, has been released publicly by a hacker.

While Mirai isn’t the biggest botnet ever, it’s responsible for one of the largest DDoS attacks recorded. It spreads by brute-forcing telnet servers with 62 insecure default passwords. These botnets consist mostly of internet-connected cameras and other ‘smart’ devices. It’s nothing short of scary.

The release of Mirai’s code is obviously an important event for security researchers. To help ordinary people see the scale of this malware and its live activity, a security researcher named MalwareTech has released a live map showing Mirai infections in real time.

MalwareTech has also published a detailed blog post explaining how Mirai works. He also describes a scanner that uses lots of custom servers to emulate vulnerable IoT devices.

It’s like a stream of sensors. As soon as one connects, it’ll notify you of the hit. The resultant map shows different countries facing the attack.
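A minimal sketch of one such sensor, added here as an illustration and not taken from MalwareTech's post or tooling: it presents a telnet-style login prompt, records each attempt as a hit, and never grants access. The prompt strings, the loopback address, and the admin/admin pair sent by the constructed test client are assumptions made for the example.

```python
import asyncio
import re

HITS = []  # one record per login attempt seen by this sensor
IAC_NEG = re.compile(rb"\xff[\xfb-\xfe].", re.S)  # telnet IAC WILL/WONT/DO/DONT <option>

async def ask(reader, writer, prompt: bytes) -> str:
    """Send a prompt and return the client's reply line as text."""
    writer.write(prompt)
    await writer.drain()
    line = await asyncio.wait_for(reader.readline(), timeout=10)
    return IAC_NEG.sub(b"", line).decode("latin-1").strip()

async def handle(reader, writer):
    """Emulate a device's telnet login, record the attempt, never log in."""
    src = writer.get_extra_info("peername")[0]
    try:
        user = await ask(reader, writer, b"login: ")
        password = await ask(reader, writer, b"Password: ")
        HITS.append({"src": src, "user": user, "password": password})
        writer.write(b"Login incorrect\r\n")
        await writer.drain()
    except (asyncio.TimeoutError, ConnectionError, ValueError):
        pass  # client hung up, stalled, or sent an oversized line
    finally:
        writer.close()

async def demo():
    server = await asyncio.start_server(handle, "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    # Constructed client standing in for a scanning bot (sample credentials).
    r, w = await asyncio.open_connection("127.0.0.1", port)
    await r.readuntil(b"login: ")
    w.write(b"\xff\xfd\x01admin\r\n")  # IAC DO ECHO, then the username
    await r.readuntil(b"Password: ")
    w.write(b"admin\r\n")
    await r.readuntil(b"Login incorrect\r\n")
    w.close()
    server.close()
    await server.wait_closed()
    return list(HITS)

def run_demo():
    HITS.clear()
    return asyncio.run(demo())
```

Each record in `HITS` carries the source address, which is what a map like the one described would geolocate and plot.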

MalwareTech thinks that significant DDoS attacks will become more common as hackers spot more IoT devices with flawed security. It’s high time that leading IoT manufacturers stop shipping devices with default passwords and replace them with something concrete, e.g., randomly generated passwords.

Mirai botnet map via Motherboard

IT Security Professional – Security Researcher & Consultant for the Government, Enthusiast, Malware Analyst, Penetration Tester.
