The Botnet is the source code that powers the “Internet of things” IoT, and was responsible for the launch of a historically large number of distributed denial-of-service (DDOS) attacks against KrebsOnSecurity, just last month, has been released, publicly. This virtually guarantees that the internet will very soon be flooded with attacks from many new botnets, which will be powered by insecure routers, IP cameras, digital video recorders, and other devices will are easily hackable.
This was revealed on Friday, by Hackforums. The malware’s name is “Mirai”, and spreads through vulnerable devices by continuously scanning IoT systems, which are in turn protected by factory default, or hard-coded usernames and passwords. These vulnerable devices are then turned to malicious software, which turns them into bots, which forces them to report to a central control server.
Many sources have claimed that Mirai is not the only malware family being used to assemble large attacks. There has been news that another domain strain of IoT malware, which is dubbed as “Bashlight” also functions similarly to Mirai, by infecting systems via default usernames and passwords on IoT devices. According to recent research, the Bashlight botnet is responsible for victimizing almost a million IoT devices.
The good thing is that the infected system can be easily cleaned up by simply rebooting them, but the scanning now goes on at such a pace, that the system might be reinfected in minutes. However, there is one solution to all of this. Changing the default password.