
Mirai Writes New Chapter in the History of DDoS Attacks

Ionut ILASCU

April 18, 2017


The Mirai malware is seen as a milestone in the threat landscape, showing that IoT botnets can be used in distributed denial-of-service (DDoS) attacks and can deal significant blows. It entered the spotlight in autumn last year, and its damage is likely to be felt for some time to come.

Here’s a timeline of the most important events in the life of the Mirai malware:

– Early August 2016: Independent security researchers start analyzing Mirai, which had gone almost unnoticed because samples were difficult to retrieve from infected IoT devices (mostly routers, DVRs and IP cameras).

– September 20, 2016: A Mirai botnet of 145,607 devices (IP cams and DVRs) hits a few Minecraft servers hosted by French provider OVH. Two consecutive assaults added up to almost 1Tbps, and the botnet continued to add infected IoT devices by the thousands.

– September 20, 2016: The Mirai DDoS botnet targets the website of security journalist Brian Krebs with a sustained attack of more than 600Gbps. The journalist was forced to take down the website for three days until he could find better protection from the assaults.

– Around October 1, 2016: Mirai source code becomes available on public forums, allowing hackers to create their own botnets, add new features to the malware and create variants that would evade detection.

– October 21, 2016: Mirai operators shake the Internet as they fire at Dyn, a major DNS service provider. The shock hits high-profile websites like Twitter, GitHub, Reddit, Netflix, Airbnb, PayPal, Amazon and Spotify, with some of them becoming temporarily unavailable to users.

– November 4, 2016: Liberia is hit with a DDoS attack from a botnet based on Mirai malware code, knocking offline websites hosted in the country. Security researcher Kevin Beaumont says the blow packed more than 500Gbps of meaningless traffic.

– November 27, 2016: Routers of Deutsche Telekom customers start having Internet connection problems; Mirai is confirmed the next day, and Deutsche Telekom says around 900,000 were affected.

– November 27, 2016: The variant of Mirai that knocked Deutsche Telekom routers offline also impacts the routers of UK Internet Service Providers TalkTalk, UK Post Office and Kcom, affecting more than 100,000 customers.

– February 28, 2017: A Mirai horde of connected devices targets a US college for 54 hours.

Since the Mirai source code was released, hackers have been able to create new variants of the malware and carry out DDoS attacks. So far, security researchers have detected more than 430 Mirai-based botnets hitting targets across the globe. Although most act for just a few seconds, there are records of assaults lasting for an hour.

Mirai, though, was not the first botnet to recruit hundreds of thousands of connected devices. In 2013, an anonymous security researcher created an army of about 420,000 embedded systems in an experiment that ran from March through December. Hijacking this many devices was possible because they were exposed on the web and ran with the default password, or no password at all.

Regardless of the malware family used in DDoS attacks, one thing is certain: botnet masters have found a powerful, easy-to-use weapon.

Photo credit: Jack Moreh for Freerange Stock
