New Mirai variant hits SD-WANs, wireless presentation systems

The Mirai IoT botnet has had its source code leaked into the wild (Image ALFSnaiper / iStockPhoto)
A new Mirai malware variant can attack SD-WANs. (ALFSnaiper/iStockPhoto)

Palo Alto Networks Unit 42 recently discovered a new variant of the Mirai malware comprised of eight new exploits against a range of embedded devices.

The targeted devices range from wireless presentation systems to set-top-boxes, SD-WANs and even smart home controllers, according to a research note written by Ruchna Nigam on June 6.

Mirai has historically been known for aiming at embedded devices such as DVRs and IP cameras to launch DDoS attacks, going back to late 2016 when internet provider Dyn was hit.

Sponsored by Infosys

Infosys positioned as a Leader in Gartner Magic Quadrant for IT Services for Communications Service Providers, Worldwide 2020

The Gartner Magic Quadrant evaluated 12 vendors and Infosys was recognized for its completeness of vision and ability to execute.
Infosys leverages its global partner ecosystem, CSP-dedicated studio, design tools, and 5G Living Labs to boost service delivery. Innovative solutions such as the ‘Infosys Cortex2’ are driving business value for CSPs.

RELATED:  Year in Review: Cyber attacks on IoT devices, networks grow in intensity

Since 2018, Nigam said Mirai malware authors have experimented with new exploits that sometimes try to gain more bots for use in exploits with larger botnets.  Palo Alto found the new exploits on exploit-db, which is publicly available.

The new exploits rely on a new encryption key and brute force attacks.

“This newly discovered variant is a continuation of efforts by Linux malware authors to scout for a wider range and thus, larger number, of IoT devices to form larger botnets thereby affording the greater firepower for DDoS attacks,” Nigam said.  “The exploits that are more effective and infect a greater number of devices are retained or reused in future variants.”

Palo Alto customers are protected by WildFire detection software and Threat Prevention and PANDB to block exploits used by the variant.


Suggested Articles

Legendary Samsung Chairman Lee Kun-hee died earlier this week after six years of illness

Lab inside ST fab in Singapore will bring together scientists from A * STAR Institute of Microelectronics and Japan’s ULVAC

The rush to test ventilators was “like sprinting down a pier while also building the pier”