Hacker Releases Mirai Botnet Code That Powered A DDoS Attack Of 1 Million Internet of Things Connected Devices
The code that used 1 million Internet of Things connected devices to form a botnet and attack websites with Distributed Denial of Service (DDoS) attack has been released by its author.The malware named Mirai is a DDoS trojan and targets Linux systems, and more precisely architectures deployed with IoT devices.
The author of the Mirai DDoS trojan, which was used to attack Brian Krebs’ website these past weeks, has published the source code of his malware following intense pressure from security researchers. ย The Mirai DDoS was first spotted in September 2016 by a security researcher named MalwareMustDie! It was found to be improved and sophisticated version of another DDoS trojan known under different names such as Bashlite, GayFgt, LizKebab, Torlus, Bash0day, and Bashdoor.
A link to the malware code was posted onย Hackforum by a user named โAnna-senpai,โ who dubbed the malware โMirai.โ The malware is designed to infect Internet of Things (IoT) devices that havenโt changed their default usernames and passwordsโa common occurrence in the frighteningly poor security used by IoT products like security cameras โsmartโ refrigerators, and other internet-connected home appliances. Mirai trojan gains control of the ย IoT devices and then uses them to conduct massive targeted DDoS attacks using a command and control server.
โWhen I first go in DDoS industry, I wasnโt planning on staying in it long. I made my money, thereโs lots of eyes looking at IOT now, so itโs time to GTFO,โ Anna-senpai wrote. โSo today, I have an amazing release for you. With Mirai, I usually pull max 380k bots from telnet alone. However, after the Kreb [sic] DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.โ
โSo, I am your senpai, and I will treat you real nice, my hf-chan,โ Anna-senpai added. Senpai is a Japanese honorific for learned man and is widely used inย all levels of education, and in sports clubs, businesses, and informal or social organizations in Japan.
The power of Mirai trojan can be deduced from the fact that it was used to conduct a whopping 620GB DDoS attack on Brian Krebbs website.