CYBR650-T302
Week 3

New Mirai Variant of Infamous IoT Botnet Unleashes 54-Hour DDoS Attack

A variant of the Mirai botnet was discovered as the culprit for a 54 hour Disrupted Denial of Service (DDoS) attack against a U.S. college. Last October the Mirai botnet was one of the most talked about DoS attack in history. The Mirai botnet is a type of malware that automatically finds vulnerable Internet of Things (IoT) devices and makes them into a group of computing devices that can be centrally controlled. Once enough groups of the IoT’s have been assembled they can be used to launch a DDoS attack releasing large amounts of traffic on a targets servers.

Since the Mirai botnet source code was leaked several new variants have surfaced. One version attacked 2400 TalTalk Telcom home routers in the UK, a new windows variant has been found that would spread the Linux Trojan to other IoT devices. More than 900,000 Deutsche Telekom customers in Germany internet service was disrupted. Researchers have recently found that 80 models of Sony cameras are vulnerable to a Mirai takeover. 

According to Security Week magazine “On Feb. 28, the new Mirai threat was used to launch a DDoS attack against a US college, and researchers say that the assault continued for 54 hours straight. The average traffic was of over 30,000 requests per second (RPS) and peaked at around 37,000 RPS, the highest of any Mirai botnet (the attack generated a total of over 2.8 billion requests).” (Arghire, 2017)

References

Arghire, I. (2017, March 29). New Mirai Variant Unleashes 54-Hour DDoS Attack. Retrieved from Security Week: http://www.securityweek.com/new-mirai-variant-unleashes-54-hour-ddos-attack

Newman, L. (2016, December 09). The Botnet That Broke the Internet Isn’t Going Away. Retrieved from Wired: https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/