Items tagged with mirai

Now might be a good time for Netgear to start doubling down on security for its networking products. The folks over at Trustwave found that 31 Netgear router models are susceptible to a security vulnerability that exposes the devices’ web GUI password to nefarious parties. More specifically, an attacker is able to take advantage of a router’s password recovery system in order to obtain login credentials, granting full access to the device. Needless to say, this is huge security oversight that could have wide-ranging implications for affected routers. “After few trials and errors trying to reproduce the issue, I found that the very first call to passwordrecovered.cgi will give out the credentials... Read more...
The Mirai botnet started making waves publicly during the fall of 2016 with a high-profile DDoS attack on the security site KrebsOnSecurity. The DDoS attack, which was at the time the largest on record, pummeled the site with 620 gigabits per second of traffic. Since that time, Mirai has “zombified” hundreds of thousands of IoT devices, sucking them into the botnet at an alarming rate to attack other high-profile targets. Considering that Brian Krebs, who runs KrebsOnSecurity, was directly affected by Mirai (and lost his cloud service provider, Akamai, as a result), it’s almost poetic that he is the one that has seemingly uncovered the originator of the malware. A person using the alias Anna... Read more...
Large scale distributed denial of service (DDoS) attacks powered by thousands and sometimes millions of Internet of Things (IoT) devices that have been turned into a massive botnet is something that content delivery networks (CDNs) and service providers must be prepared for in 2017. Lest anyone thinks otherwise, yet another "huge DDoS" assault was reported before the end of this year, this time from Incapsula, which fended off the largest attack to date on its network. With ten days to go before 2016 is in the rear view mirror (along with all of the celebrities it took), Incapsula found itself mitigating a DDoS attack that peaked at 650 gigabits per second, which is about 30Gbps more than the... Read more...
900,000 Deutsche Telekom customers in Germany were hit with an internet outage beginning on Sunday, and IT analysts have concluded that the company was the victim of a hacker attack. The 900,000 affected customers make up roughly 4.5 percent of Deutsche Telekom’s 20 million fixed-line customers.It is believed that the hackers used malicious software known as Mirai. Mirai turns network devices into remotely-controlled “bots” that can be used to launch attacks and target other victims. Remote interfaces allow network technicians to fix customers' routers from far away, but are also susceptible to outside attacks such as Mirai. The attack targeted the remote routers in homes and offices that not... Read more...
We recently witnessed a new and disturbing trend in cyber security and that is the widespread hacking of Internet connected devices to initiate DDoS attacks on an unprecedented scale. That is the method that made possible the Mirai botnet that targeted security expert Brian Krebs and his security blog with 620 gigabits per second of traffic, which at the time was a record. It is also what's causing a surge in DDoS attacks, as noted by content delivery network (CDN) Akamai. The CDN made its findings known in a recent security report compiled with data gathered from its intelligence platform. In it Akamai notes that the two largest DDoS attacks this past quarter both leveraged the Mira botnet.... Read more...
On Friday, DNS provider Dyn was walloped by a massive DDoS botnet attack which slowed down or completely sidelined major websites like Amazon, Twitter, and The New York Times. The attack was carried out using improperly configured Internet of Things (IoT) devices that were zombified by Mirai malware. In this particular case, however, the majority of the IoT devices used in the botnet were webcams made by China-based XiongMai Technologies. "It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States," said Flashpoint research director Allison Nixon. With all of the attention be thrust onto XiongMai, the company acknowledged... Read more...
Earlier this morning, we reported on the troubling news that the source code for the Mirai IoT DDoS botnet is now out in the open. If you recall, Miari is the botnet that was able to flood KrebsOnSecurity with 620 gigabits per second of traffic using a horde of zombie IoT devices (the attack was so devastating that Akamai cancelled its pro bono hosting arrangement with Brian Krebs). However, with Mirai source code now out for anyone to take advantage of, we may be seeing even more wide-scale DDoS attacks taking place in the future. And while KrebsOnSecurity might not exactly be a site that you have frequented in the past, Miari has the potential to cripple some big name properties. As Hans Gruber... Read more...
Well, this isn't good. The source code for the botnet that took KrebsOnSecurity down by tapping into an unprecedented number of Internet of Things (IoT) devices has been released to the public. It's availability virtually ensures that distributed denial of service (DDoS) attacks equal in size or even larger will follow, creating financial headaches and service disruptions for companies both big and small. Brian Krebs, a renowned security expert and author of the aforementioned blog, recently found his website the target of one of the largest DDoS attacks in history. The massive attack brought in a record 620 gigabits per second of traffic. That's almost twice as much as Akamai, the cloud provider... Read more...