Mirai Botnet Source Code Unveiled

Security researchers have come across the source code for the Internet of Things botnet called Mirai. This botnet has been used to launch major DDoS attacks against various websites; a DDoS attack is an attempt to make a machine or network resource unavailable to its intended users. These attacks are such a powerful tool that they could shut down nearly any public website in existence today. Now that the source code has been leaked, it becomes a lot easier to make the botnet useless.

What this botnet, a system of malicious software, does is infect a lot of different devices: computers, IP cameras, and insecure routers are just some of the potential targets. The source code recently appeared first on Hackforums. The botnet continuously scans the internet for IoT systems, and any device that is protected only by a default username and password is a potential victim of this malware.

Connecting millions of devices to the Internet sounds great on paper, but it creates a big problem as well. The Internet of Things makes it easier for internet criminals to create botnets, as not all of the Internet-connected machines are monitored on a 24/7 basis. So far, the Mirai botnet has taken advantage of the early stages of IoT and “enslaved” thousands of devices all over the world.

To put this potential into perspective, Mirai is capable, according to newsbtc.com, of pulling in several hundreds of thousands of bots from IoT devices. Although security researchers have taken specific action to bring this botnet down, it has remained a significant threat. Now that the source code has been made available, it remains to be seen how this situation evolves.

What is even more worrisome is how the Mirai code leaves no trace when it infects a machine. As soon as the device is rebooted, all of the malicious code is wiped from memory. However, vulnerable devices can easily be re-infected as long as the default username and password remain active.

Although it remains unclear why this source code was released in the first place, it is a blessing in disguise for security researchers. This unexpected gift allows them to create solutions to fight the botnet. However, it is likely that distribution of this code will actually lead to more attacks against IoT devices.

The growth of the Internet of Things cannot be denied. One thing a lot of people tend to forget is to remove their default login and password to improve device security. While it is convenient to use logins such as “admin”, such a login is also a target for Internet criminals looking to take advantage.