Mirai variants warning

Mirai is a devastating botnet that dates back to 2011 and reached its peak in 2016. It now appears to be at the start of a resurgence and is becoming even more frightening than on the previous two occasions, because malicious attackers have begun using Mirai variants to build a new army of zombie networked devices that is once again bearing down on enterprise-level targets.


Mirai resurges 3 years later

After Mirai's maker was arrested, Mirai disappeared for a time, but there are recent signs that it is rising again: new Mirai variants have appeared online. The newly discovered variant contains 27 exploits, 11 of which are new to Mirai. One of them targets the WePresent WiPG-1000 wireless presentation system; another is a remote execution exploit against LG Supersign TVs. Both devices are enterprise-class products, which means the Mirai botnet will have more bandwidth at its disposal and the firepower of its DDoS attacks will increase significantly.
In addition, as with many IoT devices, unpatched Linux servers are exposed on the Internet and abused on a large scale by attackers, who send Mirai exploits to every vulnerable server they can find. The key point is that the new Mirai variant targets connected devices inside companies and uses all of their service bandwidth, so in theory it could trigger more destructive attacks.

Mirai, the so-called DDoS power station

Mirai first drew large-scale attention on October 21, 2016, when Dyn, a US company providing DNS services, suffered a large-scale distributed denial-of-service (DDoS) attack. The attack paralyzed Internet access in more than a dozen US cities and left a large number of well-known sites, including Twitter, Shopify and Reddit, inaccessible for several hours.
Mirai is a sophisticated malware program that can take control of network devices and turn them into part of a growing botnet. With Mirai, even a novice programmer can gain access to thousands of computers and coordinate them to launch DDoS attacks. Experience has shown that ADSL modems, wireless routers and webcams are the devices most vulnerable to attack.

The instigators were young people

Because Mirai played a central role in a number of high-profile DDoS attacks, the FBI intervened. On December 13, 2017, the three instigators of the "Mirai catastrophe" finally pleaded guilty in court. The main culprit, Paras Jha, was only 21 years old; he was responsible for writing and operating the Mirai botnet source code and for using it to launch attacks and online scams. The other two accomplices were Josiah White (20 years old) and Dalton Norman (21 years old).
Ultimately, the judge sentenced Jha to six months' imprisonment and a fine of $8.6 million. Although the three instigators of the "catastrophe" finally pleaded guilty, the Mirai botnet was still waiting in the wings on the Internet: before their arrest, Jha and his accomplices had spread the Mirai source code on the Internet, sowing the seeds of a considerable crisis.

Modems and routers are targets too

Of course, companies are not the only ones who need to worry about Mirai. In fact, the targets of Mirai and its variants have expanded from servers, PCs, smartphones and wearable devices to optical modems, routers, cameras, home security systems, smart TVs and even baby monitors; any Internet-connected device may become a potential target.
Because of its automated scanning mechanism, Mirai can continuously search the Internet for potentially insecure networked devices and then attempt to hijack them using default login credentials. The average user finds it hard to notice that a device has been infected, which makes the threat even more dangerous.
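
An infection that the device's owner cannot see can still be spotted from the network side. The following is an added example, not part of the original article: it flags internal devices whose outbound connections fan out to many distinct external hosts on telnet ports within a short window. The port numbers, internal address range, thresholds and flow-record format are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

TELNET_PORTS = {23, 2323}            # assumption: ports the original Mirai scanner probes
INTERNAL = ip_network("10.0.0.0/8")  # assumption: the site's internal address range
WINDOW_SECONDS, MIN_DISTINCT_TARGETS = 60, 5  # hypothetical thresholds, tune per network

# Constructed sample flow records: "<epoch> <src> <dst> <dst_port>"
SAMPLE_FLOWS = """\
1000 10.0.5.20 198.51.100.4 23
1003 10.0.5.20 203.0.113.9 23
1007 10.0.5.20 192.0.2.77 2323
1012 10.0.5.20 198.51.100.200 23
1020 10.0.5.20 203.0.113.54 23
1005 10.0.1.7 198.51.100.10 23
1040 10.0.1.7 198.51.100.10 23
1010 10.0.5.20 10.0.1.7 23
1011 10.0.5.20 198.51.100.4 443
"""

def parse_flows(text):
    """Yield (ts, src, dst, dport) tuples, skipping malformed lines."""
    for line in text.splitlines():
        try:
            ts, src, dst, dport = line.split()
            yield int(ts), ip_address(src), ip_address(dst), int(dport)
        except ValueError:
            continue

def find_scanners(flows, window=WINDOW_SECONDS, threshold=MIN_DISTINCT_TARGETS):
    """Return {internal host: peak distinct external telnet targets in any window}."""
    events = defaultdict(list)
    for ts, src, dst, dport in flows:
        if src in INTERNAL and dst not in INTERNAL and dport in TELNET_PORTS:
            events[src].append((ts, dst))
    suspects = {}
    for src, evs in events.items():
        evs.sort(key=lambda e: e[0])
        start = peak = 0
        for end, (ts, _) in enumerate(evs):
            while ts - evs[start][0] > window:   # slide the window forward
                start += 1
            peak = max(peak, len({dst for _, dst in evs[start:end + 1]}))
        if peak >= threshold:
            suspects[str(src)] = peak
    return suspects

if __name__ == "__main__":
    print(find_scanners(parse_flows(SAMPLE_FLOWS)))
```

In the sample, only the device at 10.0.5.20 is flagged; the workstation that repeatedly connects to a single telnet host is not.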

Four steps to prevent Mirai infection

It should be said that the new Mirai variant is more flexible than the original version and can exploit a wider range of targets, including enterprise-class wireless controllers, wireless presentation systems and digital signage. The latest statistics show that the share of IoT devices infected with the new Mirai variant is about 21%. Now that we know this, what measures should be taken to prevent infection?

First, take an inventory of all IoT devices connected to the network.
Second, change default passwords across the board.
Next, make sure every Internet-connected device has the latest patches applied.
Finally, create a defense strategy that includes firewalls, VPNs, anti-virus and anti-malware, and even hire third-party security experts to ensure robust security for enterprise systems. Companies with no internal IT department should definitely call in a security expert to deal with the serious threat Mirai poses.

The botnet's shadow spreads to China

Recent monitoring data show that the zombie army controlled by Mirai and its variants is spreading widely, with infected devices distributed across South America, Europe, Asia and elsewhere. Among them, security vendors captured IP addresses located in China at the end of March 2018; those devices are mainly distributed in Fujian, Hunan, Shandong and Guangdong.
As one of the original discoverers of and defenders against Mirai, the 360 Security Institute has been monitoring its "every move" on a global scale. According to its latest monitoring data, 99 million unique IP addresses were infected with Mirai and its variants in the last two weeks. Devices from Egypt account for as much as 54.68% of these, while devices from China account for 12.56%. Domestic users therefore urgently need to raise their security awareness and, at the very least, stop leaving networked devices on their default login credentials, because in the eyes of unscrupulous hackers those devices are a good starting point and exactly the "cowboys" a botnet is eager to find.

Conclusion

It should be said that, with the current surge in IoT devices and smart hardware, botnets have become a common problem worldwide. Whoever holds a giant botnet can launch DDoS attacks on any target at any time and becomes a monarch of the Internet. Power of this "Thanos" kind is obviously very attractive to unscrupulous hackers, and these variants also mean that botnets are unlikely to be eradicated in the short term. In my opinion, everyone should be aware of the threat that the Mirai malware poses. The last Mirai botnet incident affected millions of people worldwide, and the next Mirai attack may cause even greater disruption, so it must be guarded against.


Origin blog.csdn.net/weixin_43226231/article/details/90169283