Stories
Slash Boxes
Comments

SoylentNews is people

Mirai IoT Botnet Source Code Released

posted by janrinok on Monday October 03 2016, @04:09PM   Printer-friendly
from the now-it's-a-battle-for-cameras dept.

takyon writes:

A few hundred thousand cameras want to talk to you:

A hacker has released computer source code that allows relatively unsophisticated people to wage the kinds of extraordinarily large assaults that recently knocked security news site KrebsOnSecurity offline and set new records for so-called distributed denial-of-service attacks.

KrebsOnSecurity's Brian Krebs reported on Saturday that the source code for "Mirai," a network of Internet-connected cameras and other "Internet of things" devices, was published on Friday. Dale Drew, the chief security officer at Internet backbone provider Level 3 Communications, told Ars that Mirai is one of two competing IoT botnet families that have recently menaced the Internet with record-breaking distributed denial-of-service (DDoS) attacks—including the one that targeted Krebs with 620 gigabits per second of network traffic, and another that hit French webhost OVH and reportedly peaked at more than 1 terabit per second. [...] According to Krebs, the Mirai source code was posted to the hacking community HackForums by a user with the handle Anna-senpai. Krebs said the leaker provided the following explanation:

When I first go in DDoS industry, I wasn't planning on staying in it long. I made my money, there's lots of eyes looking at IOT now, so it's time to GTFO. So today, I have an amazing release for you. With Mirai, I usually pull max 380k bots from telnet alone. However, after the Kreb [sic] DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.

Previously: A Source for Recent DDoS Attacks

Original Submission

 
This discussion has been archived. No new comments can be posted.
Mirai IoT Botnet Source Code Released | Log In/Create an Account | Top | 20 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Informative) by RS3 on Tuesday October 04 2016, @12:06AM

    by RS3 (6367) on Tuesday October 04 2016, @12:06AM (#409745)

    The problem I have with all the articles, is that I could not find a list of devices (beyond some Chinese Security camera) that are susceptible to this particular attack.

    For this malware dubbed “Mirai”, Krebs has a product list: https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/ [krebsonsecurity.com]

    I have a feeling there are many many more vulnerable devices out there.

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Total Score:   2  

  • (Score: 2) by takyon on Tuesday October 04 2016, @01:28AM

    by takyon (881) <takyonNO@SPAMsoylentnews.org> on Tuesday October 04 2016, @01:28AM (#409764) Journal

    HiSilicon sounds familiar... oh yeah, they make ARM SoCs, including 8-cores:

    https://en.wikipedia.org/wiki/HiSilicon [wikipedia.org]

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]

  • (Score: 0) by Anonymous Coward on Tuesday October 04 2016, @09:19AM

    by Anonymous Coward on Tuesday October 04 2016, @09:19AM (#409895)

    For this malware dubbed “Mirai”, Krebs has a product list: " rel="url2html-20703">https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/

    Uh, I think I see a problem with that.

    "My site has been the target of a largest DDoS in history, from a variety of vulnerable devices. If you want to know which devices are vulnerable, I put the list up on my site."