#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

mirai botnet | Breaking Cybersecurity News | The Hacker News

Hajime ‘Vigilante Botnet’ Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide

Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide

Apr 27, 2017
Last week, we reported about a so-called 'vigilante hacker' who hacked into at least 10,000 vulnerable 'Internet of Things' devices, such as home routers and Internet-connected cameras, using a botnet malware in order to supposedly secure them. Now, that vigilante hacker has already trapped roughly 300,000 devices in an IoT botnet known as Hajime , according to a new report published Tuesday by Kaspersky Lab, and this number will rise with each day that passes by. The IoT botnet malware was emerged in October 2016, around the same time when the infamous Mirai botnet threatened the Internet last year with record-setting distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn. How the Hajime IoT Botnet Works Hajime botnet works much like Mirai by spreading itself via unsecured IoT devices that have open Telnet ports and uses default passwords and also uses the same list of username and password combinations that Mirai is programm
To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does

To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does

Apr 19, 2017
It should be noted that hacking a system for unauthorised access that does not belong to you is an illegal practice, no matter what's the actual intention behind it. Now I am pointing out this because reportedly someone, who has been labeled as a 'vigilante hacker' by media, is hacking into vulnerable 'Internet of Things' devices in order to supposedly secure them. This is not the first time when any hacker has shown vigilance, as we have seen lots of previous incidents in which hackers have used malware to compromise thousands of devices, but instead of hacking them, they forced owners to make them secure. Dubbed Hajime , the latest IoT botnet malware, used by the hacker, has already infected at least 10,000 home routers, Internet-connected cameras, and other smart devices. But reportedly, it's an attempt to wrestle their control from Mirai and other malicious threats. Mirai is an IoT botnet that threatened the Internet last year with record-sett
Hacker Who Knocked Million Routers Offline Using MIRAI Arrested at London Airport

Hacker Who Knocked Million Routers Offline Using MIRAI Arrested at London Airport

Feb 23, 2017
British police have arrested a suspect in connection with the massive attack on Deutsche Telekom that hit nearly 1 Million routers last November. Late last year, someone knocked down more than 900,000 broadband routers belonging to Deutsche Telekom users in Germany, which affected the telephony, television, and internet service in the country. Now, Germany's federal criminal police force (BKA) revealed today that the UK's National Crime Agency (NCA) reportedly arrested a 29-year-old British suspect at Luton airport in London on Wednesday, who is accused of being the mastermind behind the last year's attack. In a statement , the German police said the last year's attack was especially severe and was carried out to compromise the home routers to enroll them in a network of hijacked machines popularly known as Botnet, and then offer the DDoS services for sale on dark web markets. But ultimately, the attack created a denial-of-service situation, which resulted i
cyber security

Instantly See How Much Time You Can Save by Automating Compliance

websiteVantaAutomate Compliance
Get an instant calculation of how much time you could save by automating compliance with Vanta.
Unpacking 2024's SaaS Threat Predictions

Unpacking 2024's SaaS Threat Predictions

Jun 05, 2024SaaS Security / Artificial Intelligence
Early in 2024, Wing Security released its State of SaaS Security report , offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many of these issues, ensuring security teams have the necessary tools to face these challenges head-on. In this article, we will revisit our predictions from earlier in the year, showcase real-world examples of these threats in action, and offer practical tips and best practices to help you prevent such incidents in the future. It's also worth noting the overall trend of an increasing frequency of breaches in today's dynamic SaaS landscape, leading organizations to demand timely threat alerts as a vital capability. Industry regulations with upcoming compliance deadlines are demanding similar time-sens
New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices

New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices

Feb 10, 2017
MIRAI – possibly the biggest IoT-based malware threat that emerged last year, which caused vast internet outage in October last year by launching massive distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn . Now, the infamous malware has updated itself to boost its distribution efforts. Researchers from Russian cyber-security firm Dr.Web have now uncovered a Windows Trojan designed to built with the sole purpose of helping hackers spread Mirai to even more devices. Mirai is a malicious software program for Linux-based internet-of-things (IoT) devices which scan for insecure IoT devices, enslaves them into a botnet network, and then used them to launch DDoS attacks, and spreads over Telnet by using factory device credentials. It all started early October last year when a hacker publicly released the source code of Mirai . Dubbed Trojan.Mirai.1, the new Trojan targets Windows computers and scans the user's network for compromisable Linux-
Cyber Attack Knocks Nearly a Million Routers Offline

Cyber Attack Knocks Nearly a Million Routers Offline

Nov 29, 2016
Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices. Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world's biggest and most popular websites. Now, more than 900,000 broadband routers belonging to Deutsche Telekom users in Germany knocked offline over the weekend following a supposed cyber-attack, affecting the telephony, television, and internet service in the country. The German Internet Service Provider, Deutsche Telekom, which offers various services to around 20 Million customers, confirmed on Facebook that as many as 900,000 customers suffered internet outages on Sunday and Monday. Millions of routers are said to have vulnerable to a critical Remote code Execution flaw in routers made by Zyxel and Speedport, wherein Internet port 7547 open to receive commands based on the TR-069 and related TR-064 protocols, which are meant to use by
More Insights On Alleged DDoS Attack Against Liberia Using Mirai Botnet

More Insights On Alleged DDoS Attack Against Liberia Using Mirai Botnet

Nov 05, 2016
On Thursday, we compiled a story based on research published by a British security expert reporting that some cyber criminals are apparently using Mirai Botnet to conduct DDoS attacks against the telecommunication companies in Liberia, a small African country. In his blog post , Kevin Beaumont claimed that a Liberian transit provider confirmed him about the DDoS attack of more than 500 Gbps targeting one undersea cable servicing Internet connectivity for the entire country. Later, some media outlets also confirmed that the DDoS attack caused Internet outage in some parts of the country, citing 'slow Internet' and 'total outage' experienced by some local sources and citizens. "The DDoS is killing our business. We have a challenge with the DDoS. We are hoping someone can stop it. It's killing our revenue. Our business has frequently been targeted" an employee with one Liberian mobile service provider told PC World . Network firm Level 3 confirmed Zack Whittaker
Someone is Using Mirai Botnet to Shut Down Internet for an Entire Country

Someone is Using Mirai Botnet to Shut Down Internet for an Entire Country

Nov 03, 2016
Note — We have published  an updated article on what really happened behind the alleged DDoS attack against Liberia using Mirai botnet. Someone is trying to take down the whole Internet of a country, and partially succeeded, by launching massive distributed denial-of-service (DDoS) attacks using a botnet of insecure IoT devices infected by the Mirai malware. It all started early October when a cyber criminal publicly released the source code of Mirai – a piece of nasty IoT malware designed to scan for insecure IoT devices and enslaves them into a botnet network, which is then used to launch DDoS attacks. Just two weeks ago, the Mirai IoT Botnet caused vast internet outage by launching massive DDoS attacks against DNS provider Dyn, and later it turns out that just 100,000 infected-IoT devices participated in the attacks. Experts believe that the future DDoS attack could reach 10 Tbps, which is enough to take down the whole Internet in any nation state. One such inciden
New IoT Botnet Malware Discovered; Infecting More Devices Worldwide

New IoT Botnet Malware Discovered; Infecting More Devices Worldwide

Nov 01, 2016
The whole world is still dealing with the Mirai IoT Botnet that caused vast internet outage last Friday by launching massive distributed denial of service (DDoS) attacks against the DNS provider Dyn, and researchers have found another nasty IoT botnet. Security researchers at MalwareMustDie have discovered a new malware family designed to turn Linux-based insecure Internet of Things (IoT) devices into a botnet to carry out massive DDoS attacks. Dubbed Linux/IRCTelnet , the nasty malware is written in C++ and, just like Mirai malware , relies on default hard-coded passwords in an effort to infect vulnerable Linux-based IoT devices. The IRCTelnet malware works by brute-forcing a device's Telnet ports, infecting the device's operating system, and then adding it to a botnet network which is controlled through IRC (Internet Relay Chat) – an application layer protocol that enables communication in the form of text. So, every infected bot (IoT device) connects to a mali
Mirai Botnet Itself is Flawed; Hacking Back IoTs Could Mitigate DDoS Attacks

Mirai Botnet Itself is Flawed; Hacking Back IoTs Could Mitigate DDoS Attacks

Oct 29, 2016
The infamous botnet that was used in the recent massive distributed denial of service (DDoS) attacks against the popular DNS provider Dyn, causing vast internet outage  last Friday, itself is flawed. Yes, Mirai malware, which has already enslaved millions of Internet of Things (IoT) devices across 164 countries, contains several vulnerabilities that might be used against it in order to destroy botnet's DDoS capabilities and mitigate future attacks. Early October, the developer of the malware publically released the source code of Mirai , which is designed to scan for IoT devices – mostly routers, cameras, and DVRs – that are still using their default passwords and then enslaves them into a botnet, which is then used to launch DDoS attacks. However, after a close look at the source code, a researcher discovered three vulnerabilities, one of which could be used to shut down Mirai's ability to flood targets with HTTP requests. A stack buffer overflow vulnerability wa
Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Oct 27, 2016
Guess how many devices participated in last Friday's massive DDoS attack against DNS provider Dyn that caused vast internet outage? Just 100,000 devices. I did not miss any zeros. Dyn disclosed on Wednesday that a botnet of an estimated 100,000 internet-connected devices was hijacked to flood its systems with unwanted requests and close down the Internet for millions of users. Dyn executive vice president Scott Hilton has issued a statement , saying all compromised devices have been infected with a notorious Mirai malware that has the ability to take over cameras, DVRs, and routers. "We're still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints," Hilton said. "We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets." Mirai malware scans for Internet of Things (IoT) devices that are still using their default passwords and then enslaves those
Expert Insights
Cybersecurity Resources