Technology 3 min read

3 Brand new Mirai Botnet Attacks Against IoT Devices

Researchers are still breaking down the malicious code from WannaCry, a.k.a. the Mirai Botnet. Originally developed by university students for Minecraft DDoS attacks, the botnet spawned many varients. These are the latest three to target new IoT devices like routers and DVR remotes.

The Mirai Botnet keeps getting repurposed. Make sure you update your devices. | Jaiz Anuar | Shutterstock.com

The Mirai Botnet keeps getting repurposed. Make sure you update your devices. | Jaiz Anuar | Shutterstock.com

This article details breaking news about three new attacks from the Mirai Botnet. You might also know this botnet as the devastating ransomware WannaCry.

In April 2018, we covered the story of how university students developed what would become the WannaCry ransomware.

But before it attacked millions of devices, WannaCry was the Mirai botnet–a DDoS army that was used by, among others, university students that wanted an edge in Minecraft.

The latest variants enable the botnet to target DVRs, routers, and other devices.

What are the three new attacks and how you protect your IoT devices?

Geralt | Pixabay

Three Different Attacks; One Sole Creator

As we covered before, the Mirai Botnet works as a large distributed denial-of-service (DDoS) attack. It only developed into WannaCry after one of its creators released the code online.

This led to many variations on the original DDoS, brute force attack method. But four of the Mirai Botnet variants — Sora, Wicked, Omni, and Owari — might all be by the same author.

Cybersecurity researchers at Fortinet came to this conclusion after studying the code. In fact, they think that some of the variants weren’t originally meant to operate autonomously.

“This also leads us to the conclusion that while the Wicked bot was originally meant to deliver the Sora botnet, it was later re-purposed to serve the author’s succeeding projects”, says the Fortinet blog.

Though the code is not that new, researchers keep unpacking new beasties. These latest variants target different devices than previous Mirai Botnet variants.

Netgear DGN1000 router | YouTube

Affected Devices and a Potential Culprit

Previous botnet attacks targeted many IoT devices because of their notoriously lax security standards.

Given the maelstrom of data privacy concerns now in the public eye, anxieties about hackers are not something else your average citizen needs to have on their mind.

Fortinet outlined some of the specific affected devices in their May 17th, 2018 blog post. It included Netgear routers and CCTV-DVR remotes as well as already infected web servers.

Devices attacked in latest Mirai Botnet variant update | Fortinet

The bot downloads the malicious payload, but there seems to be some relationship between the three variants. As Fortinet points out, Omni bot samples replaced Owari bot samples in some of the exploits. They did not elaborate on the purpose behind this.

Fortinet believes they spoke to the original author in April, forming this theory from that interview. They offered advice we want to echo: remember to regularly update and patch your IoT devices.

What is your biggest fear about the approaching IoT future of interconnectivity?

Found this article interesting?

Let Juliet Childers know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.


Profile Image

Juliet Childers

Content Specialist and EDGY OG with a (mostly) healthy obsession with video games. She covers Industry buzz including VR/AR, content marketing, cybersecurity, AI, and many more.

Comments (0)
Most Recent most recent
You
Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.