The war of the Mirai and XiongMai

Saturday, 22 October, 2016

It sounds like something from Star Trek: The war of the Mirai and the XiongMai. But it’s neither Hollywood nor science fiction. It’s real. Yesterday, users of Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix experienced problems because Dyn, an internet infrastructure company that provides critical services to these sites, sustained a massive, malicious attack. Spearheading it was Mirai, malware that had hijacked digital video recorders and cameras made by XiongMai Technologies, a Chinese hi-tech company. Mirai trawls the web for cheap devices protected by just their factory-default usernames and passwords and then conscripts them for attacks that launch wave upon wave of junk traffic at targets until they can no longer serve legitimate users.

Only a week ago, US-CERT, which is part of the Department of Homeland Security, issued a warning titled “Heightened DDoS Threat Posed by Mirai and Other Botnets.” It pointed the finger at the vulnerability of the Internet of Things (IoT), “an emerging network of devices (e.g., printers, routers, video cameras, smart TVs) that connect to one another via the Internet, often automatically sending and receiving data.” According to US-CERT, “IoT devices have been used to create large-scale botnets — networks of devices infected with self-propagating malware — that can execute crippling distributed denial-of-service (DDoS) attacks. IoT devices are particularly susceptible to malware, so protecting these devices and connected hardware is critical to protect systems and networks.”

The solution? Security expert Brian Krebs is calling for a major, global effort to recall and remove vulnerable systems from the internet. “In my humble opinion, this global cleanup effort should be funded mainly by the companies that are dumping these cheap, poorly-secured hardware devices onto the market in an apparent bid to own the market. Well, they should be made to own the cleanup efforts as well.”
