This article details breaking news about three new attacks from the Mirai Botnet. You might also know this botnet as the devastating ransomware WannaCry.

In April 2018, we covered the story of how university students developed what would become the WannaCry ransomware.

But before it attacked millions of devices, WannaCry was the Mirai botnet–a DDoS army that was used by, among others, university students that wanted an edge in Minecraft.

The latest variants enable the botnet to target DVRs, routers, and other devices.

What are the three new attacks and how you protect your IoT devices?

image of person holding up red card for hacking for article 3 Brand New Mirai Botnet Attacks Against IoT Devices
Geralt | Pixabay

Three Different Attacks; One Sole Creator

As we covered before, the Mirai Botnet works as a large distributed denial-of-service (DDoS) attack. It only developed into WannaCry after one of its creators released the code online.

This led to many variations on the original DDoS, brute force attack method. But four of the Mirai Botnet variants — Sora, Wicked, Omni, and Owari — might all be by the same author.

Cybersecurity researchers at Fortinet came to this conclusion after studying the code. In fact, they think that some of the variants weren’t originally meant to operate autonomously.

“This also leads us to the conclusion that while the Wicked bot was originally meant to deliver the Sora botnet, it was later re-purposed to serve the author’s succeeding projects”, says the Fortinet blog.

Though the code is not that new, researchers keep unpacking new beasties. These latest variants target different devices than previous Mirai Botnet variants.

image of Netgear DGN1000 router for article 3 Brand New Mirai Botnet Attacks Against IoT Devices
Netgear DGN1000 router | YouTube

Affected Devices and a Potential Culprit

Previous botnet attacks targeted many IoT devices because of their notoriously lax security standards.

Given the maelstrom of data privacy concerns now in the public eye, anxieties about hackers are not something else your average citizen needs to have on their mind.

Fortinet outlined some of the specific affected devices in their May 17th, 2018 blog post. It included Netgear routers and CCTV-DVR remotes as well as already infected web servers.

image of Devices attacked in latest Mirai Botnet variant update for article 3 Brand New Mirai Botnet Attacks Against IoT Devices
Devices attacked in latest Mirai Botnet variant update | Fortinet

The bot downloads the malicious payload, but there seems to be some relationship between the three variants. As Fortinet points out, Omni bot samples replaced Owari bot samples in some of the exploits. They did not elaborate on the purpose behind this.

Fortinet believes they spoke to the original author in April, forming this theory from that interview. They offered advice we want to echo: remember to regularly update and patch your IoT devices.

What is your biggest fear about the approaching IoT future of interconnectivity?

banner ad to seo services page