Refreshed Mirai Noticed

Delaware, USA – April 10, 2019 – The researchers of Palo Alto Networks Unit 24 published a report informing about a strain of Mirai malware compiled to target Xilinx MicroBlaze, Altera Nios II, Tensilica Xtensa and OpenRISC processors is in the wild.

Along with the gained abilities to target new systems like digital signal processors, routers and networked sensors, the new Mirai variant got a refashioned encryption of botnet communication algorithm as well as the renewed attack_method_ovh method of DDoS attack, however, the reason for making the new method a component of the malware remains unclear since just the same parameters are used in the original Mirai attack_method_tcpsyn.

The files were found on an IP that hosted them via open directory, but after the server’s update in February the file listing was hidden. The malware code was published in 2016 and exploited systems with the default or hardcoded user credentials. Mirai was extremely active during a notorious attack at Dyn what caused massive internet outage and attempt to knock down Liberia out of the internet, among others. Considering that Mirai is opensource and available for compiling to target a wider variety of processors and enables reaching the larger victims amounts consequently.

Mirai is a highly spreading malware aimed at victimizing IoC devices and changing equipment into bots for further use as sources for massive DDoS attacks. Stay updated about the latest content to keep your infrastructure secure with the Threat Detection Marketplace:

https://tdm.socprime.com/tdm/info/1764/