IoT device owners around the world, beware of Mirai: the malware responsible for one of the worst denial-of-service cyberattacks the world has experienced in the last few years has now spread and infected internet-connected devices in over 177 countries.
The beginning of October saw a cybercriminal release Mirai’s source code. The release gave even cybercriminals with minimal skills and talent a new tool to launch vicious cyberattacks. The good thing is that it also gave security researchers and internet defenders a way to track the activities of the bad guys and keep close tabs on their armies of hacked devices.
United States, India, Serbia, China, Brazil, Russia, Pakistan: the list of affected countries goes on and on, as this capture of the map shows.
The malware that powered one of the worst-ever zombie armies, or botnets, made of IoT devices is being closely investigated by Imperva, a company with a solid reputation for protecting websites against Distributed Denial of Service (DDoS) attacks. Along with Imperva, a number of other firms are also investigating the malware.
Here is an 18 minute recording from our Mirai monitoring network at 5x speed –
According to Imperva’s latest tally, the botnet made of Mirai-infected devices has now reached a total of 164 countries. Meanwhile, a pseudonymous researcher known as MalwareTech has also been closely mapping the malware and has predicted Mirai’s total tally to be an even higher 177 countries.
Last month, Mirai was used to build a botnet that attacked security journalist Brian Krebs’ website with a large DDoS attack. A hacker going by the name Anna-senpai revealed the source code of the malware at the beginning of the month, but who is really behind the release is not yet clear.
While experts have described Mirai as a clumsily written piece of malware, it is spreading quickly, mainly because it targets IoT devices that are comparatively easier to hack than others, as these devices normally use default and very predictable passwords such as “123456”, “admin”, “root” and “password”.