• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Crime

Hackers are increasingly targeting IoT Devices with Mirai DDoS Malware

October 19th, 2016 Waqas Cyber Crime, Security 0 comments
Hackers are increasingly targeting IoT Devices with Mirai DDoS Malware
Share on FacebookShare on Twitter
Mirai Malware Causing Havoc Among IoT Devices Manufacturers and Security Experts after its source was published online.

Since the developer of Mirai malware published its source code online, the Internet of Things (IoT) devices has become highly vulnerable to malware infections.

In fact, research suggests that the number of Mirai infected IoT devices have increased substantially. The malware developer claimed that his malicious code has infected over 380,000 IoT devices but that was before the source code was leaked.

Also Read: Two Charged for Connections to Lizard Squad and PoodleCorp DDoSing group

Initially, the experts didn’t pay much attention to the probability of increased infection in IoT devices after its source code became public. However, when massive distributed denial of service (DDoS) attacks were launched against Brian Krebs’ website and OVH, website hosting services provider, made the experts come together and take notice.

Level3 Communications’ research team has been inspecting the activities of Mirai since then and they have come to the conclusion that since the source code leak, the number of infected devices doubled. They monitored the command and control servers of Mirai malware and identified that around 500,000 IoT devices have been infected. But this is just a starting figure while the actual number could be much higher. The reason is that when the source code was leaked, multiple new botnets sprouted causing such a massive number of devices to become infected.

Level3 researchers have also identified that nearly 100,000 bots were used in some of the DDoS attacks that they monitored against one target.

Security experts are of the opinion that devices manufactured by the Taiwanese firm AVTECH, and Chinese XiongMai Technologies and Dahua Technology are highly vulnerable to getting infected with Mirai.

Also Read: Internet’s largest 1Tbps DDoS Attack was conducted using 145k hacked cameras

It must be noted that over 80% bots are actually DVRs due to which Mirai malware can identify and infect a wide range of IoT devices including Linux servers, routers, IP cameras and Sierra Wireless’ gateways. Level3 has also revealed that at least one-quarter of the infected IoT devices are present in the US after which comes Brazil with 23% and then comes Colombia with 8% of total identified infected devices.

Global Distribution of Mirai bots

Global Distribution of Mirai bots

It is also stated that over a quarter of the Mirai bots contain another powerful malware Lizkebab or Bashlite. This means various malware families are targeting a specific pool of vulnerable devices. It is surprising that Mirai’s command and control servers were targeted multiple times during DDoS attacks that were launched using the Bashlite bots.

Experts believe that:

“With the recent and frequent introduction of new Mirai variants, we expect continued DDoS activity from Mirai botnets. In some cases, we see the new variants running all of their infrastructures on one or two hosts, as opposed to the original Mirai variant which had many different hosts and frequently changed IPs to avoid detection or attack,” claim security experts at Level3.

[fullsquaread][/fullsquaread]

Also Read: The Troubling State of Security Cameras; Thousands of Devices Vulnerable

It is indeed an alarming fact that the structure of botnets infected with Mirai is evolving rapidly and since the leak of the source code various authors is adding their bits to make it more vicious.

We highly recommend visiting Level 3’s blog for in-depth technical details.

  • Tags
  • cyber attacks
  • Cyber Crime
  • cyber war
  • DDOS
  • hacking
  • internet
  • IoT
  • security
Facebook Twitter LinkedIn Pinterest
Previous article UK’s Financial Hub London Under Massive Ransomware Attacks
Next article Electronic Arts (EA) servers are down; Users are angry (Updated)
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

55
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

90
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

110

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us