A new version of the Mirai botnet has been released, and attacks deploying it have already been detected. The attack campaigns are global and target both individual users and service devices. Mirai remains one of the most popular weapons among computer criminals because it is still an effective tool for taking down whole networks.
The Mirai Botnet Has Received a Major Upgrade: A Cross-Platform Infection Technique
The Mirai botnet has long been one of the preferred tools for taking down whole networks that include vulnerable devices. The recent discovery of a new variant has alarmed the security community because the new version contains even more dangerous code. The main cause for concern is that the production version used in the large attacks during 2016 and 2017 was leaked, which allowed many hacking groups and individual criminals to set up their own derivatives. The new variants are considered especially dangerous because they have been found to contain a cross-platform injection technique: once compiled, the Mirai botnet can intrude into several different operating systems at once.
Most of the attacks happen via network intrusion attempts. The hackers deliver the Mirai botnet as a payload while attempting to intrude through vulnerable services that may be running on the computer hosts. This means that the criminals can target individual users running applications that have open ports (such as server apps and file-sharing programs), home automation (IoT) devices, and corporate networks.
The discovery of the new Mirai botnet variant has resulted in an in-depth analysis of its features. The experts state that the new versions have been developed with a project called Aboriginal Linux, which allows the hackers to cross-compile Mirai so that the threat is compatible with a range of different devices. This means that one produced Mirai botnet sample can be used to contaminate a wide range of devices: mobile phones and tablets, as well as home automation equipment and routers.
From there, the infections continue in their prescribed manner by scanning other hosts for vulnerabilities. The end goal is to create a massive worldwide network of devices that can be leveraged in DDoS (distributed denial-of-service) attacks.
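Because cross-compiled builds of one sample differ mainly in their target architecture, a responder sorting files recovered from infected devices can group them by the CPU named in each ELF header. The following is an added example, not code from the original article or from any analysis it cites; the file names and header bytes are constructed, and the architecture table is only a subset of the ELF `e_machine` values.

```python
import struct
from collections import defaultdict

# Subset of e_machine values defined by the ELF specification.
EM_NAMES = {2: "sparc", 3: "x86", 4: "m68k", 8: "mips", 20: "powerpc",
            40: "arm", 42: "superh", 62: "x86-64", 183: "aarch64"}

def elf_target(data):
    """Return (arch, bits, byte order) read from an ELF header, or None."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return None                      # not an ELF file
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        return None                      # malformed identification bytes
    order = "<" if ei_data == 1 else ">"  # e_machine uses the file's byte order
    (e_machine,) = struct.unpack_from(order + "H", data, 18)
    arch = EM_NAMES.get(e_machine, "unknown(%d)" % e_machine)
    return (arch, 32 if ei_class == 1 else 64, "little" if ei_data == 1 else "big")

def group_by_target(samples):
    """Map each target tuple (or None) to the sorted sample names built for it."""
    groups = defaultdict(list)
    for name, data in samples.items():
        groups[elf_target(data)].append(name)
    return {target: sorted(names) for target, names in groups.items()}

def make_header(ei_class, ei_data, machine):
    """Build a constructed 20-byte ELF header prefix (test data, not malware)."""
    ident = b"\x7fELF" + bytes([ei_class, ei_data, 1]) + bytes(9)
    order = "<" if ei_data == 1 else ">"
    return ident + struct.pack(order + "HH", 2, machine)  # e_type=ET_EXEC

# Constructed sample set: hypothetical file names, header bytes only.
SAMPLES = {
    "dropped.bin.1": make_header(1, 1, 40),    # ARM, 32-bit little-endian
    "dropped.bin.2": make_header(1, 2, 8),     # MIPS, 32-bit big-endian
    "dropped.bin.3": make_header(1, 1, 8),     # MIPS, 32-bit little-endian
    "dropped.bin.4": make_header(2, 1, 62),    # x86-64
    "dropped.bin.5": make_header(1, 1, 40),    # ARM again
    "readme.txt": b"plain text, not an ELF file",
}

if __name__ == "__main__":
    for target, names in group_by_target(SAMPLES).items():
        print(target, names)
```

Seeing the same payload appear for several architectures in one collection is a useful triage signal that a cross-compiled campaign is in play, and the grouping tells you which device classes on the network to inspect first.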