Download the Mirai source code, and you can run your own Internet of Things botnet

Graham Cluley

Download the Mirai source code, and you can run your own Internet of Things botnet

Download the Mirai source code, and you can run your own Internet of Things botnet

Fancy running your own botnet, hijacking control of Internet of Things (IoT) devices such as internet-enabled CCTV cameras and routers to bombard websites with distributed denial-of-service attacks?

Well, it’s just been made that little bit easier for you, with the release of the source code of Mirai, a family of malware capable of rapidly recruiting an army of poorly-protected devices and then commanding to launch attacks.

Security blogger Brian Krebs reports:

The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.

Vulnerable devices are then seeded with malicious software that turns them into “bots,” forcing them to report to a central control server that can be used as a staging ground for launching powerful DDoS attacks designed to knock Web sites offline.

Just such an attack knocked Krebs’ website offline at the end of last month with what is thought to have been one of the largest DDoS attacks ever seen, after he exposed information about the inner-workings of vDOS, a DDoS-for-hire service.

Millions of new IoT devices are being plugged into the net every day, and many of them will have weak security just waiting to be exploited by online criminals. The flaws can range from shipping with default passwords that users never bother to change, to weak or non-existent encryption, to no infrastructure for updating devices if a vulnerability is found at a later date.

As I explain in the video below, an internet of things which doesn’t treat security and privacy as a priority puts all of us at risk.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Download the Mirai source code, and you can run your own Internet of Things botnet”

  1. I wouldn't have minded reading the entire article, looking for Mirai, if your title hadn't been: "Download the Mirai source code, and you can run your own Internet of Things botnet" SERIOUSLY?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.