Botnets are everywhere, or at least that’s how it appears.
Barely a month goes by without news of yet another malware attack.
In this post, we want to look at one in particular – the Mirai malware.
This little blighter is causing mayhem at the moment. It is so effective and prevalent; this malicious program is infecting a number of internet-connected devices that come under the IoT (Internet of Things) umbrella.
Mirai’s goal is simple: to collect and control enough IoT devices to perform DDoS (Distributed Denial of Service) attacks.
The problem is, defeating the Mirai malware is proving difficult.
It forces infected devices to disclose default Wi-Fi passwords and Service Set Identifier (SSID) codes. This means cyber criminals could both re-infect routers and devices and use an infected device’s SSID for targeted cyber attacks.
It highlights how default passwords are enabling cybercriminals to infect and recruit connected devices for illicit, and disruptive, means.
Most recently, a modified version of Mirai managed to infect about 100,000 TalkTalk customers in the UK, and 900,000 Deutsche Telekom customers in Germany. A BBC report said that many of these infected devices might have given up their default passwords to the attacker. Much of the success of Mirai comes down to its publicly available source code, allowing any cyber criminal to create their version of the malware.
This is just another example of why it’s so important to change default passwords on routers and other IoT devices.