The DDoS attack carried out by the Mirai botnet caused havoc last year. The outbreak was so powerful that it made national headlines in many countries. In case you missed it, the attack hit the DNS server and brought down major websites such as Amazon, Twitter, and Netflix. According to experts, the Mirai botnet reached the DNS system through smart webcams and flooded the sites with so much traffic that the system eventually crashed. More than 100 thousand unprotected devices sent traffic to the DNS server, reportedly in the region of 1.3 Tbps.
Recently, the Chinese cyber-security firm Qihoo 360 identified new waves of Mirai botnets. The term “Mirai” creates a sense of panic among web businesses, both large and small. Since the attack, security firms all over the world have identified emerging variants of the Mirai botnet, but none has caused anything as destructive as what we experienced last year. However, experts predict that they might be waiting for the right time to strike the next deadly blow against the internet giants.
The firm turned its attention to Mirai when it traced scanning traffic on ports 2323 and 23 to the same botnet. A significant volume of the unique IP addresses involved originated from Argentina. After the investigation, it was reported that the botnet was scanning for vulnerable devices made by ZyXEL Communications. The Mirai botnet was using two telnet credentials, admin/CentryL1nk and admin/QwestM0dem, to gain access through those ports. Root privilege was then obtained through a ZyXEL modem flaw tracked as CVE-2016-10401. Most ZyXEL devices use zyad5001 as a built-in password, which makes it easier for attackers to infect the device.
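The scanning pattern described above can be checked for in your own telnet or honeypot logs. The following Python code is an added example, not code from Qihoo 360 or the original article; the log line format, the `min_sources` threshold and the sample lines (documentation-range addresses) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Indicators taken from the article: scanned ports and the two telnet logins.
SCAN_PORTS = {23, 2323}
MIRAI_CREDS = {("admin", "CentryL1nk"), ("admin", "QwestM0dem")}

# Hypothetical honeypot log format (an assumption, not a real product's format).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dport=(?P<dport>\d+)"
    r"(?: user=(?P<user>\S*) pass=(?P<pw>\S*))?$"
)

# Constructed sample input; addresses come from documentation ranges.
SAMPLE_LOG = """\
2017-11-22T11:00:01Z src=203.0.113.7 dport=2323 user=admin pass=CentryL1nk
2017-11-22T11:00:02Z src=203.0.113.7 dport=23 user=admin pass=QwestM0dem
2017-11-22T11:00:05Z src=198.51.100.20 dport=2323
2017-11-22T11:00:09Z src=198.51.100.21 dport=23 user=root pass=toor
2017-11-22T11:00:11Z src=192.0.2.44 dport=443
2017-11-22T11:00:15Z src=198.51.100.22 dport=2323 user=admin pass=CentryL1nk
malformed line that the parser must skip
"""

def analyze(log_text, min_sources=3):
    """Summarize telnet scan activity and logins matching the article's credentials."""
    sources_by_port = defaultdict(set)   # port -> unique scanning source IPs
    cred_hits = defaultdict(set)         # source IP -> matched (user, pass) pairs
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or int(m["dport"]) not in SCAN_PORTS:
            continue  # skip malformed lines and unrelated ports
        sources_by_port[int(m["dport"])].add(m["src"])
        cred = (m["user"], m["pw"])
        if cred in MIRAI_CREDS:
            cred_hits[m["src"]].add(cred)
    all_sources = set().union(*sources_by_port.values())
    return {
        "unique_sources": {p: len(s) for p, s in sorted(sources_by_port.items())},
        "credential_sources": {ip: sorted(c) for ip, c in sorted(cred_hits.items())},
        # A wave shows up as many distinct sources, not many hits from one.
        "scan_wave": len(all_sources) >= min_sources,
    }

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Any source listed under `credential_sources` tried one of the two logins named in the article, so devices it reached that still accept those credentials should be treated as exposed.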
Qihoo advises companies and websites to use well-secured devices and to change the username and password as soon as a device is installed in the organization. So the problem is not the manufacturers' alone: both buyers and sellers must work together to fix the mess. The government should also pay attention to the threat, as it relates to national security. The Internet of Things malware that turns household devices, cameras, and routers into sources of traffic is just sleeping. It’s a matter of time before it launches the next attack, so we must be prepared.