- Register

 
 

Home >IoT botnet source code released
ARTICLE

IoT botnet source code released

04 October 2016

The Mirai malware code, used against KrebsOnSecurity last month in a historically large cyber attack, has been publicly released, leading to fears that easily hackable Internet of Things (IoT) connected devices will be subject to attacks.

The malware works by continuously scanning for IoT systems that are protected by factory default or hard-coded usernames and passwords. According to KrebsOnSecurity, vulnerable devices are then infected with malicious software that effectively turns them into ‘bots’, forcing them to report to a central control server that can be used as a staging ground for launching powerful distributed denial-of-service (DDoS) attacks designed to knock Web sites offline.

DDoS attacks involve flooding machine, server or website with simple requests for information until they become overloaded and unable to function. Last month's DDoS attack is reported to have swamped KrebsOnSecurity by sending 620 gigabits of data every second, which is more than enough traffic to take down most websites.

Released by a Hackforums user with the nickname ‘Anna-senpai’, Mirai is one of two malware families designed to create botnets from vulnerable IoT devices to have surfaced recently. The other is Bashlight, a malware that is thought to have infected over a million IoT devices and co-opted them into a botnet, according to KrebsOnSecurity, pointing to research from Level 3 Communications.

These developments underline the importance of a employing a rigorous programme of password protection, in both the consumer and industrial sectors.

 
OTHER ARTICLES IN THIS SECTION
FEATURED SUPPLIERS
 
 
TWITTER FEED