Source code that was used to mount one of the biggest Distributed Denial of Service (DDoS) Attacks ever seen has been released into the wilds of the internet prompting massive fears that widespread DDoS attacks will become everyday occurrences around the globe.
The Mirai malware botnet, was used to take down the security news site KrebsOnsecurity earlier this year, and broke records for the sheer scale of the DDos attack. And now the Mirai botnet has been made freely available to any hacker or wannabe hackers to try and use.
Mirai is considered dangerous because it attacks connected peripherals such as insecure routers, IP webcams, and other smart devices that users leave with either no security, or easily crackable passwords.
The hacker, who goes by the name of ‘Anna-senpai’ also released a tutorial on how to setup the internet of things (IoT) malware on the popular hacker Hackforums.net site.
Mirai works by spreading itself across the internet searches for “vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords. Vulnerable devices are then seeded with malicious software that turns them into “bots,” forcing them to report to a central control server that can be used as a staging ground for launching powerful DDoS attacks designed to knock Web sites offline.”
The KrebsonSecuritywebsite was subjected to a sustained DDoS attack by Mirai in September when it was bombarded by up to 600 Gigabits of data every second, effectively taking the website offline.
The DDos attack against Krebs was however broken in the same month with another Mirai variant based attack against French hosting firm OVH that was hit over the head with a peak data load of over 1000 gigabits per second.
Fortunately, curing infected devices of Mirai is relatively simple. Simply reboot the device in question. Mirai can currently only exist in memory. But if users don’t then change the default IoT device password they are extremely liable to be hacked again by Mirai in just a few minutes.