Blog

• The victim was the servers of Dyn, a company that controls much of the internet’s domain name system (DNS) infrastructure. It was hit on 21 October and remained under sustained assault for most of the day, bringing down sites including Twitter, the Guardian, Netflix, Reddit, CNN and many others in Europe and the US.

• Mirai then identifies vulnerable IoT devices using a table of more than 60 common factory default usernames and passwords, and logs into them to infect them with the Mirai malware. Infected devices will continue to function normally, except for occasional sluggishness, and an increased use of bandwidth.

• Mirai as Internet of things (IoT) devices threat has not been stopped after the arrest of the actors, since the other actors are utilizing the Mirai malware source code that is openly shared in the GitHub to just use it or to evolve Mirai into new variants and expand its botnet node (networking) to the previously untouched IoT devices.

Unlike other botnets, which are typically made up of computers, the Mirai botnet is largely made up of so-called “ internet of things ” (IoT) devices such as digital cameras and DVR players. Because it has so many internet-connected devices to choose from, attacks from Mirai are much larger than what most DDoS attacks could previously achieve.

On October 21, 2016, one year ago this past weekend, the customers of a company called Dyn found themselves knocked off the Internet for all intents and purposes. A massive distributed denial of service attack (DDoS) was underway and it had managed to render thousands of websites inaccessible.

Mirai then identifies vulnerable IoT devices using a table of more than 60 common factory default usernames and passwords, and logs into them to infect them with the Mirai malware. Infected devices will continue to function normally, except for occasional sluggishness, and an increased use of bandwidth.

Mirai as Internet of things (IoT) devices threat has not been stopped after the arrest of the actors, since the other actors are utilizing the Mirai malware source code that is openly shared in the GitHub to just use it or to evolve Mirai into new variants and expand its botnet node (networking) to the previously untouched IoT devices.