October 3, 2016
With rapidly growing Internet of Thing (IoT) devices, they have become a much more attractive target for cybercriminals.
Just recently we saw a record-breaking Distributed Denial of Service (DDoS) attacks against the France-based hosting provider OVH that reached over one Terabit per second (1 Tbps), which was carried out via a botnet of infected IoT devices.
Now, such attacks are expected to grow more rapidly as someone has just released the source code for IoT botnet, which was ‘apparently’ used to carry out world’s largest DDoS attacks.
Dubbed Mirai, the malware is a DDoS Trojan that targets BusyBox systems, a collection of Unix utilities specifically designed for embedded devices like routers.
The malware is programmed to hijack connected IoT devices that are using the default usernames and passwords set by the factory before devices are first shipped to customers.
Spotted by Brian Krebs, the “Mirai” source code was released on Hackforums, a widely used hacker chat forum, on Friday.
However, there is no concrete evidence that this is the same botnet malware that was used to conduct record-breaking DDoS attacks on Krebs’ or OVH hosting website.
Reportedly, the attack code has built-in scanners that look for vulnerable smart devices in homes and enroll them into a network of Botnet, that hackers and cyber criminals can then use in a DDoS attack to temporarily shut down any website.