A brand new variant of the infamous Mirai Internet of Things (IoT) botnet have been uncovered by the security researchers. This new variant is meant to target the embedded devices that are intended for the use within the business environments while it attempts to control the larger bandwidth carrying out the catastrophic DDoS attacks. The original creators of the Mirai botnet malware have been arrested and sentenced to imprisonment. But the other variants of the infamous IoT malware that includes Satori and Okiru keeps emerging as the source code is still available on the internet since 2016, when it first emerged.
The newest variant of the Mirai malware is focussed on targeting the devices of the enterprises that includes WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. This was found out by the Palo Alto network Unit 42 researchers. The malware variant adds 11 new exploits the multi-exploit battery that made it a total of 27 exploits. Along with this, a new set of unusual default credentials were added that is meant to use in the brute force attacks against the Internet-connected devices.
The latest Mirai malware variant is also targeting several embedded hardware like the following:
- DLink routers
- Linksys routers
- Network Storage Devices
- NVRs and IP cameras
- ZTE routers
After the scanning and the identification of the vulnerable devices, the malware fetches the latest Mirai payload from a website that is compromised and downloads it on a targeted device, which then is added to the botnet network and finally can be used to launch the HTTP Flood DDoS Attacks. Mirai is an infamous botnet that is responsible for some catastrophic and record breaking DDoS Attacks. The Mirai based attacks gained a sudden rise in October 2016 when someone released the source code publicly and created heavy chaos.