
Mirai Writes New Chapter in the History of DDoS Attacks

Ionut ILASCU

April 18, 2017


The Mirai malware is seen as a milestone in the threat landscape, showing that IoT botnets can be used in distributed denial-of-service (DDoS) attacks and can deal significant blows. It entered the spotlight in autumn last year, and its damage is likely to be felt for some time to come.

Here’s a timeline of the most important events in the life of the Mirai malware:

– Early August 2016: Independent security researchers start analyzing Mirai, which had gone almost unnoticed because samples were difficult to retrieve from infected IoT devices (mostly routers, DVRs and IP cameras).

– September 20, 2016: A Mirai botnet of 145,607 devices (IP cams and DVRs) hits a few Minecraft servers hosted by French provider OVH. Two consecutive assaults add up to almost 1Tbps, and the botnet continues to add infected IoT devices by the thousands.

– September 20, 2016: A Mirai DDoS botnet targets the website of security journalist Brian Krebs with a sustained attack of more than 600Gbps. The journalist is forced to take down the website for three days until he can find better protection from the assaults.

– Around October 1, 2016: Mirai source code becomes available on public forums, allowing hackers to create their own botnets, add new features to the malware and create variants that would evade detection.

– October 21, 2016: Mirai operators shake the Internet as they fire at Dyn, a major DNS service provider. The shock hits high-profile websites like Twitter, GitHub, Reddit, Netflix, Airbnb, PayPal, Amazon and Spotify, with some of them becoming temporarily unavailable to users.

– November 4, 2016: Liberia is hit with a DDoS attack from a botnet based on Mirai malware code, knocking offline websites hosted in the country. Security researcher Kevin Beaumont says the blow packed more than 500Gbps of meaningless traffic.

– November 27, 2016: Routers of Deutsche Telekom customers start having Internet connection problems; Mirai is confirmed the next day, and Deutsche Telekom says around 900,000 were affected.

– November 27, 2016: The variant of Mirai that knocked Deutsche Telekom routers offline also impacts the routers of UK Internet Service Providers TalkTalk, UK Post Office and Kcom, affecting more than 100,000 customers.

– February 28, 2017: A Mirai horde of connected devices targets a US college for 54 hours.

Since the Mirai source code was released, hackers have been able to create new variants of the malware and carry out DDoS attacks. So far, security researchers have detected more than 430 Mirai-based botnets hitting targets across the globe. Although most act for just a few seconds, there are records of assaults lasting for an hour.

Mirai, though, was not the first botnet to recruit hundreds of thousands of connected devices. In 2013, an anonymous security researcher created an army of about 420,000 embedded systems in an experiment that ran from March through December. Hijacking this many devices was possible because they were exposed on the web and ran with the default password, or no password at all.

Regardless of the malware family used in DDoS attacks, one thing is certain: botnet masters have found a powerful, easy-to-use weapon.

Photo credit: Jack Moreh for Freerange Stock
