In the wake of large scale DDoS attacks that disrupted global internet services last Friday, it has emerged that a malware called Mirai might have had some part to play in the attacks. While the initial waves of attacks seemed to focus on eastern United States, subsequent attacks were directed at websites around the world.
The attacks came to light at around 7:00 am (EST) when users noticed that they couldn’t access several popular websites including Twitter, Netflix, Spotify and Reddit. It later emerged that the attacks targeted Dyn Inc. a company that handles web traffic for several popular websites. While the situation was resolved in a matter of hours, their origin remains unknown as of now. The US Department of Homeland Security is presently investigating the attacks, which are the latest in a spate of increasingly strong cyber attacks.
It has emerged that criminal botnets were responsible for the attacks and at least some of them were infected by the Mirai malware. Mirai, a relatively simple software, can be used to take over Internet-connected devices and use them to launch DDoS attacks.
In the meantime, Chinese firm Hangzhou Xiongmai Technology has revealed that its DVRs and Internet-based cameras, might have been used in some of the attacks. Reportedly hackers cracked the devices’ weak default passwords and infected them with Mirai to launch the attacks. The company has now advised customers to change their devices and update them to preserve their private information.
Source codes for Mirai can easily be procured on the dark web and cyber security experts had earlier predicted that Mirai could be used by hackers in the future.