- Mirai is a piece of malicious Software used to create large botnets
- Targets IoT devices and routers
- 360k bots at peak efficiency
- Popular security expert demonstrates infection on IoT security camera on Twitter
- Results are surprising
- Botnet created within 96 seconds
- Tries to connect via telnet
- Downloads the Bot
- Secures its position
- Waits for commands
- Scans for other devices to spread to
- Mirai botnet attacking Dyn DNS and disrupted access to many major webservices
- Change default device password and use unique and complex password
- Keep your devices at home
- Check for "Universal Plug and Play" features and turn these off
- Check software updates and patches
- Don't let telnetd run openly by default
- Ask the users not to serve SSH in the default ports
- https://www.grahamcluley.com/protect-iot-devices/
- https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html
- http://securityaffairs.co/wordpress/51868/malware/mirai-botnet-source-code.html
- http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html
- https://www.pentestpartners.com/blog/what-is-mirai-the-malware-explained/
- http://www.spoofit.org/new-mirai-cc-deployed/
- https://www.malwaretech.com/2016/10/mapping-mirai-a-botnet-case-study.html
- https://security.stackexchange.com/questions/151507/how-does-mirais-cc-communicate-with-its-bots
- https://github.com/jgamblin/Mirai-Source-Code/blob/master/ForumPost.md