Mirai Botnet Include Several Exploits To Attacks Enterprises

Till now, Mirai Botnet was known for DDoS attacks only but now it has launched a new variant which is designed to target Enterprise device. The main purpose of this latest Mirai IoT Botnet behind targeting embedded device is to get control over the larger bandwidth to execute terrible DDoS attacks. Report reveals that the main author of this malware has been captured by security experts but the malware keep launching variants because its resource code is still available on Internet from 2016. First, Mirai Botnet was only known as Internet of Things (IoT) Botnet which infect security camera, routers, DVRs and similar smart devices, but later it started doing DDoS attacks.

Mirai Variant Attack Enterprise IoT Devices

Researchers of Palo Alto Network Unit 42 has detected the latest variant of Mirai malware. For the first time variant of this malware is targeting enterprise devices which include LG Supersign TVs and WePresent WiPG-1000 Wireless Presentation systems. According to reports, the Botnet has included 11 new exploits and unusual default credentials which is used in the brute force attacks for Internet connected device. However the malware has executed exploit for CVE-2018-17173 (LG Supersign TVs ) in last year. In addition to these two exploit, the latest Mirai variant also target several embedded hardware device which include :

  • Network Storage Devices
  • NVRs and IP cameras
  • Linksys routers
  • DLink routers
  • ZTE routers

After identifying the vulnerable devices, Mirai variant scan them and then fetch the payload from a malicious website which is downloaded on the compromised device. Researchers also find that the website on which payload is hosted was located in Colombia whose owner is a businessman of security electronic device alarm monitor and integration. Later the compromised device is added to Botnet network which is then utilized to initiate HTTP Flood DDoS attacks. As revealed by a security researcher, poor default credential and design of the device are main loopholes that gives advantage to the new Mirai variants.

Secure IoT Device Against Mirai Attack?

Internet connected device can add convenience to your life but they can be attacked by Mirai and similar malware which make connected device vulnerable. Through this way the cyber criminals can easily access your data, attack IoT device with ransomware to demand money to give access of that device. Not only this, hackers can also obtain your financial information to wipe money from your bank account. That’s why it is necessary to secure these smart device. Here are some tips using which you can protect your IoT device :

  • Change name of your router which is given by manufacturer, it help hackers to identify model. So give some unique name to router.
  • Change default password of your IoT after you purchase it. Always install latest updates to reduce chance of vulnerability.
  • Change default settings and privacy of your Internet connected device. Default settings can give advantage to cyber criminals.

In addition, you should also avoid using public Wi-Fi, instead of that use VPN. If you follow these security measures then you can keep your IoT device secured from Mirai and similar attack.

Leave a Reply

Your email address will not be published. Required fields are marked *