Hackers release Mirai into the wild

1 0

By Matthew Griffin Security and Privacy 10th October 2016

WHY THIS MATTERS IN BRIEF

As more “Smart” things are connected to the internet they all become targets that can be used to take part in huge DDoS attacks, and without global, or even regional, security standards for IOT devices it’s likely that these attacks will become more frequent, and potentially more deadly

After inflicting heavy damage on KrebsOnSecurity, and other web servers, in what transpired to be the largest DDoS attacks in history, which took down part of the Eastern United States and Europe’s internet, the creator of the Mirai botnet, a program designed to harness insecure IoT devices to run massive DDoS attacks, has apparently released the source code on Github.

New research would allow cyborgs and human organs to join computer networks

The compact C code is designed to run on IP cameras and other Internet of Things (IoT) devices. It tries various hardcoded root passwords, infects the device, and then sends out traffic to a preset target. You can see the code containing the hardcoded passwords in this file called scanner.c.

Hackers originally used the botnet to send a 620 Gbps DDoS to KrebsOnSecurity earlier in the year and while the system’s powerful it’s easily thwarted by rebooting the offending IoT devices and updating their passwords and firmware – which is much harder than it sounds, particularly given the lack of IOT security standards and lack of coordination between providers.

“With Mirai, I usually pull max 380k bots from telnet alone,” write Anna-senpai, the hacker who released the code on Hackforums, “however, after the Kreb [sic] DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.”

Krebs doesn’t believe the release is altruistic especially given his penchant for getting hackers arrested.

This new tech could help you get through airport security in just 30 Seconds

“It’s an open question why anna-senpai released the source code for Mirai, but it’s unlikely to have been an altruistic gesture – miscreants who develop malicious software often dump their source code publicly when law enforcement investigators and security firms start sniffing around a little too close to home,” he said, “publishing the code online for all to see and download ensures that the code’s original authors aren’t the only ones found possessing it if and when the authorities come knocking with search warrants.”

The code is on Github now and appears to be legitimate and while we haven’t compiled it there is enough interesting info in the files themselves that it could make an educational project for researchers and, sadly, a compact tool for more nefarious uses.

Matthew Griffin / About Author

Described by NASA as a "Walking Encyclopaedia of the Future" and one of the world’s most in demand keynote speakers Matthew Griffin, Founder and Futurist in Chief of the 311 Institute, a global Futures and Deep Futures advisory firm, is a multi-award winning Futurist and strategic foresight expert, author, lecturer, mentor, podcast and YouTube host.

With a distinguished career running global business units at Atos, EMC, and IBM today Matthew helps leaders and titans of industry from all over the world explore the impact of the inter sections of technology, culture, and leadership, then helps them create high performance organisations that can continuously disrupt, outpace, and outthink their competition.

15 times author of the hit series the Codex of the Future series Matthew's ability to identify, track, and explain the impacts of hundreds of emerging technologies and trends on global business, culture, and society has earned him a powerful reputation and a roster of clients that include royal households, world leaders across the G7, G20, and G77, and many of the world's most recognised and exceptional organisations including ABB, Accenture, ABN Amro, Adidas, AON, ARM, BCG, Centrica, Citi Group, Coca Cola, Deloitte, Dentons, Disney, Dow, EY, Google, KPMG, Lego, Microsoft, Legal & General, LinkedIn, Nokia, Paramount, PepsiCo, PWC, Qualcomm, RWE, Samsung, T-Mobile, UBS, Visa, WIRED, WPP and hundreds of others.

Matthew is regularly featured in the global media including the AP, BBC, Bloomberg, CNBC, Discovery, Forbes, Khaleej Times, Telegraph, TIME, ViacomCBS, WIRED, and the WSJ, and his mission is to help organisations create a fair and sustainable future whose benefits are shared by everyone irrespective of their ability, background, or circumstances.

Comments (1)

Bromium’s micro-virtualisation technology stops Malware in its tracks

5th February 2017 at 9:35 am

[…] bot, which hackers can then use to orchestrate massive DDoS attacks, like those perpetrated by the Mirai botnet in October last year that took down massive chunks of the US East Coast and European […]

Hackers release Mirai into the wild

Comments (1)

Leave a comment Cancel reply

ORGANISING AN EVENT OR WORKSHOP?

STAY CONNECTED

FREE BOOKS AND STUFF

MY PLEDGE TO THE PLANET

NET ZERO .

ZERO HARM .

ZERO IMPACT .

ZERO WASTE .

You have Successfully Subscribed!

Pin It on Pinterest

Hackers release Mirai into the wild

Related Posts

Comments (1)

Leave a comment Cancel reply

ORGANISING AN EVENT OR WORKSHOP?

STAY CONNECTED

FREE BOOKS AND STUFF

MY PLEDGE TO THE PLANET

NET ZERO .

ZERO HARM .

ZERO IMPACT .

ZERO WASTE .

You have Successfully Subscribed!

Pin It on Pinterest