Many Sierra Wireless gateways compromised by Mirai botnet, warns US government

Graham CLULEY

October 19, 2016

The US government’s Department of Homeland Security has warned owners of Sierra Wireless gateways that they are being targeted by Mirai, a notorious malware family that has been creating a mighty global botnet from poorly-secured IoT devices.

Mirai has already made quite a name for itself by infecting all manner of internet-connected devices such as IP CCTV cameras and DVRs, rather than the conventional computers that are traditionally recruited into a botnet.

[Image: DHS alert. Source: https://ics-cert.us-cert.gov/]

The Department of Homeland Security’s warning is not solely altruistic – although I’m sure they are genuine in their desire to have as many organisations and end users avoid being hijacked into a botnet as possible.

What the DHS is certainly also concerned about, however, is what will be done with the botnet. And the most likely use of a huge botnet exploiting IoT devices is to launch a massive Distributed Denial-of-Service (DDoS) attack, as the DHS explains in its advisory:

“Based on the currently available information, once the malware is running on the gateway, it deletes itself and only runs in memory. The malware will then proceed to scan for vulnerable devices and report its findings back to a command and control server. The command and control server may also instruct the malware to participate in a DDoS attack on specified targets.”

According to a technical bulletin issued by Sierra Wireless, the following Sierra Wireless products are said to be vulnerable:

  • LS300
  • GX400
  • GX/ES440
  • GX/ES450
  • RV50

Mirai, you may recall, was the botnet which launched a Godzilla-sized DDoS attack against the website of security blogger Brian Krebs. No doubt there are plenty of companies and government organisations who would prefer not to find themselves on the receiving end of an attack like that, knocking their websites offline.

Once again, Mirai isn’t exploiting security vulnerabilities in Sierra Wireless’s hardware and software, but rather the fact that many owners will not have changed the default usernames and passwords that the devices ship with.

The good news is that because the malware resides solely in memory on the infected devices, the cure is simply to turn them off and on again, wiping memory in the process. But if you haven’t changed those login credentials, your Sierra Wireless gear will most likely be reinfected soon after you clean the malware off it.
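Because the malware lives only in memory, a reinfected gateway is easier to spot from its network behaviour than from its filesystem. The following is an added example, not code from the DHS advisory or Sierra Wireless: it flags internal hosts whose outbound connection records show the scanning pattern the advisory describes, one source contacting many distinct hosts in a short window. The log format, addresses, threshold and the choice of TCP ports 23 and 2323 (the telnet ports Mirai's scanner is known to probe) are assumptions, not details from this article.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample flow records: "timestamp src_ip dst_ip dst_port".
# The format and all addresses are assumptions made for this example.
SAMPLE_FLOWS = "\n".join(
    [f"2016-10-19T10:00:{i:02d} 10.0.0.5 198.51.100.{i} {23 if i % 10 else 2323}"
     for i in range(1, 41)]
    + ["2016-10-19T10:00:05 10.0.0.9 192.0.2.10 443",
       "2016-10-19T10:00:07 10.0.0.9 192.0.2.11 23",
       "not a flow record"]
)

TELNET_PORTS = {23, 2323}    # assumption: ports probed by Mirai's scanner
WINDOW = timedelta(seconds=60)
MIN_DISTINCT_TARGETS = 20    # assumption: tune against your own baseline


def parse(line):
    """Return (time, src, dst, port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None


def find_scanners(log_text):
    """Map each source IP to its peak number of distinct telnet targets
    inside any WINDOW, keeping only sources at or above the threshold."""
    events = defaultdict(list)
    for ts, src, dst, port in filter(None, map(parse, log_text.splitlines())):
        if port in TELNET_PORTS:
            events[src].append((ts, dst))
    flagged = {}
    for src, hits in events.items():
        hits.sort()
        start, peak = 0, 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most WINDOW.
            while hits[end][0] - hits[start][0] > WINDOW:
                start += 1
            peak = max(peak, len({dst for _, dst in hits[start:end + 1]}))
        if peak >= MIN_DISTINCT_TARGETS:
            flagged[src] = peak
    return flagged


if __name__ == "__main__":
    for ip, count in find_scanners(SAMPLE_FLOWS).items():
        print(f"{ip}: {count} distinct telnet targets within {WINDOW}")
```

A gateway flagged this way should be power-cycled and have its default credentials changed before it goes back online; otherwise it is likely to be flagged again.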

But this, and previous attacks, underline the importance of changing default passwords whenever possible on devices that you attach to the public internet.

If you want to better secure all of your home’s connected devices against IoT threats, be sure to check out Bitdefender BOX.
