Fighting back against Mirai botnet

Last month the malware, named ‘Mirai’, was released on a hacking forum and since then has caused havoc.

The source code is a DDoS Trojan and targets Linux systems and, in particular, IoT devices.

Mirai finds smart devices – particularly in homes – that have weak passwords and takes control.

In October Mirai was used – reportedly by not particularly skilled hackers – to attack Dyn Managed DNS infrastructure, which shut down a host of major websites like Twitter, Reddit and Spotify.

Many of the devices involved came from Chinese manufacturers, which had weak usernames and passwords that cannot be changed by the user.

>See also: Major sites shut down by DDoS attack after taking over smart devices

Last week, the same malware was used to cripple Liberia’s internet. It is worrying times that threaten to get worse if you untreated.

“Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords,” explained cybersecurity expert Brian Krebs, “and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.”

Mounting a counter attack

To combat this growing vulnerability Imperva has launched a new scanner that allows consumers and businesses to scan their IoT devices to check if they are infected by or vulnerable to the Mirai malware.

The scanner is free to use, and provides businesses and individuals with a way of fighting back against the invasive malware.

How does it work?

When you click on “Scan My Network Now” the scanner will discover your public IP address — this is the IP address typically assigned to your internet gateway device or cable modem by your ISP.

>See also: A nation compromised: Liberia’s internet hacked

This device often functions as a router and Wi-Fi access point connecting other devices on your network to the internet.

The Mirai scanner will check your gateway from outside your network to see if there are any remote access ports that are vulnerable to attack by Mirai.

It can only scan your public IP address.

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

Botnets