Wednesday, December 13, 2017

IoT security: Mirai vs Minecraft (and internet)

The Mirai Botnet Was Part of a College Student Minecraft Scheme | WIRED

"...distributed denial-of-service (DDoS) attack a hundred times larger than most of its kind
...
many of the Mirai assaults had appeared to target 
Minecraft gaming servers. 
...
The brains behind Mirai were a 21-year-old Rutgers college student from suburban New Jersey and his two college-age friends from outside Pittsburgh and New Orleans... “They didn’t realize the power they were unleashing,” says FBI
...
At its peak, the self-replicating computer worm had enslaved some 600,000 devices around the world
...
Mirai attack was unlike anything anyone on the internet had ever seen, the first thermonuclear bomb of the DDoS world, topping out at 1.1 terabits per second as more than 145,000 infected devices bombarded OVH with unwanted traffic

...
Until then, a large DDoS attack was often considered to be 10 to 20 gigibits per second
...
Since Mirai malware exists only in flash memory, it was deleted every time the device was powered off or restarted.
..."

"Mirai (Japanese for "the future", 未来) is a malware that turns networked devices running Linux into remotely controlled "bots" that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers.
...
Devices infected by Mirai continuously scan the internet for the IP address of Internet of things (IoT) devices..."

2016 Dyn cyberattack - Wikipedia

"The 2016 Dyn cyberattack took place on October 21, 2016, and involved multiple distributed denial-of-service attacks (DDoS attacks) targeting systems operated by Domain Name System (DNS) provider Dyn, which caused major Internet platforms and services to be unavailable to large swathes of users in Europe and North America"



No comments: