HackRead

Someone from China is Distributing Mirai Malware Through Windows Botnet

February 23rd, 2017 · Waqas · Security, Malware

Mirai malware was discovered in 2016 when it was used in the Internet’s largest DDoS attack, against Dyn DNS and OVH hosting. A couple of weeks ago, it was also discovered that, after infecting Linux devices, the Mirai malware can also infect Windows devices.

Now, a report published by Kaspersky Lab finds that the code was written by someone experienced and well-versed in spreading the IoT malware onto Linux systems under specific conditions. According to their research, the campaign is not merely an over-hyped jump from Linux-based Mirai to Windows-based Mirai; it is further proof of the dangers of the public availability of Mirai’s source code and of the inadequate security measures that have left IoT devices and embedded systems so vulnerable to hacking.

It is, however, quite alarming that Mirai is spreading easily from OS to OS. According to the Kaspersky Lab report, just as the release of the Zeus banking Trojan’s source code proved devastating for the online community, the leak of the Mirai IoT source code is becoming a big problem for the security of Internet-connected infrastructure. This concerns the security community because the problems will keep growing for many years: hackers are only beginning to learn to use the source code in a variety of ways.

The Windows botnet can spread to Linux-based machines by brute-forcing the device’s remote telnet connection, and may then spread over SMI, SQL injection and SSH attacks as well as IPC techniques. These can target IP-based cameras, media center appliances, internet-connected DVRs, and Banana Pi and Raspberry Pi devices.

Kaspersky Lab researcher Kurt Baumgartner noted that this year around 500 different systems had been targeted and most of the targets are located in emerging markets.

“More experienced attackers, bringing increasingly sophisticated skills and techniques, are starting to leverage freely available Mirai code. A Windows botnet spreading IoT Mirai bots turns a corner and enables the spread of Mirai to newly available devices and networks that were previously unavailable to Mirai operators. This is only the beginning,” added Baumgartner.


According to their analysis, the bot was not only coded and compiled on a Chinese machine but also signed with code-signing certificates stolen from a pair of Chinese silicon and wafer manufacturers, namely Xi’an JingTech Electronic Technology, Ltd. and Partner Tech Co., Ltd. Both are Shanghai-based companies.

The malware’s main targets are Microsoft SQL Server and MySQL database servers, since these are internet-facing and offer access to privately networked devices such as IP-based cameras and DVRs. Researchers at Kaspersky Lab also noticed that the attack proceeds in stages, which include scanning and attacking online resources so that more instructions and malware can be added to the devices.
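
The telnet brute-forcing from Windows hosts and the pivot through database servers described above both show up on the network as one internal machine opening telnet sessions to many devices in a short time. The following detection sketch is an added example, not code from Kaspersky Lab or from this article; the flow-record format, the addresses, and the thresholds are assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample flow records: epoch seconds, source, destination, TCP port.
# 10.0.5.20 stands in for a Windows SQL server; 10.0.9.x for cameras and DVRs.
SAMPLE_FLOWS = """\
1000,10.0.5.20,10.0.9.11,23
1004,10.0.5.20,10.0.9.12,23
1009,10.0.5.20,10.0.9.13,23
1015,10.0.5.20,10.0.9.14,23
1021,10.0.5.20,10.0.9.15,23
1030,10.0.5.20,10.0.9.15,23
1000,10.0.7.8,10.0.9.11,23
4000,10.0.7.8,10.0.9.11,23
1002,10.0.5.21,10.0.9.11,1433
"""
TELNET_PORT = 23  # telnet is the brute-forced service named in the article

def parse_flows(text):
    """Yield (timestamp, src, dst, port) tuples, skipping malformed rows."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) == 4:
            yield int(row[0]), row[1], row[2], int(row[3])

def find_telnet_fanout(flows, window_s=60, min_targets=5):
    """Return {src: most distinct telnet targets seen in any window} for
    sources that reach min_targets within window_s seconds (assumed limits)."""
    by_src = defaultdict(list)
    for ts, src, dst, port in flows:
        if port == TELNET_PORT:
            by_src[src].append((ts, dst))
    alerts = {}
    for src, events in by_src.items():
        events.sort()
        start, best = 0, 0
        for end in range(len(events)):
            # Slide the left edge until the window spans at most window_s.
            while events[end][0] - events[start][0] > window_s:
                start += 1
            best = max(best, len({d for _, d in events[start:end + 1]}))
        if best >= min_targets:
            alerts[src] = best
    return alerts

if __name__ == "__main__":
    print(find_telnet_fanout(parse_flows(SAMPLE_FLOWS)))
```

A database server should rarely need to open telnet sessions at all, so on a segment that holds only servers and embedded devices the threshold can be set far lower than in this sample.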

