Mira botnet now focuses on business IoT networks

Mira botnet now focuses on business IoT networks

The infamous botnet Mirai is back. A new variant of the botnet focuses on business IoT devices. In this way, Mirai collects a great deal of bandwidth in order to be able to carry out DDoS attacks. Mirai takes advantage of vulnerabilities that usually arise from unpatented software.

A hacker who offers a DDoS attack for sale is particularly interested in one thing: bandwidth. The greater the bandwidth, the stronger the attack. Usually, companies and similar organisations have the most bandwidth. Presumably a new species of Mirai botnet has risen as a result.

Business IoT

The renewed Mirai botnet actively focuses on business IoT devices. These include televisions, but also projectors that display advertisements, routers, IP cameras, digital video recorders and other similar equipment. In contrast to The Register, researchers from Palo Alto Networks’ Unit 42 argue that this version of Mira focuses primarily on WePresent projectors, D-Link video cameras, LG televisions and on routers from Netgear, D-Link and Zyxel.

In doing so, Mirai exploits various vulnerabilities, which are usually the result of unpatched firmware. Unit 42 saw that this new variant focused primarily on WePresent WiPG-1000 Wireless Presentation systems and LG Supersign televisions, according to the researchers. Both devices are intended for use by companies. This development shows us a possible shift where Mira focuses on companies.

Improved security

Despite the fact that hackers are focusing more and more on companies in the first place, this is also a problem for them somewhere. Usually, a company not only has more mechanisms to secure its systems, but they are also faster at troubleshooting and hacking. However, it is questionable whether even the most secure companies update the firmware of their televisions.

Focusing on business vulnerabilities may give hackers access to more bandwidth than is available through consumer devices, giving them more firepower for DDoS attacks, the researchers conclude.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.