Mirai DDoS Adds 13 More Router Brands to Its Impressive Portfolio

Mirai DDoS adds 13 more router brands to its impressive portfolio. Does this mean that it could be back? A Mirai variant was recently spotted targeting several router brands.

Mirai DDoS Adds 13 More Router Brands


The feared Mirai distributed denial of service (DDoS) botnet might just be set for a return after researchers reportedly spotted a lookalike botnet expanding quickly.

Cybersecurity researchers from Fortinet recently observed a botnet known as IZ1H9 reportedly adding a dozen new payloads. The botnet is based on Mirai and targets routers from almost a dozen manufacturers that are vulnerable to multiple flaws.

The routers targeted with the new payloads include those built by D-Link, Netis, Sunhillo, Geutebruck, Yealink, Zyxel, TP-Link, Korenix, TOTOLINK, and possibly Prolink. The vulnerabilities the attackers are going after with these payloads reportedly date from 2015 to 2023.

Mirai DDoS Exploitation Rates

Exploitation rates apparently peaked in early September 2023, reaching “tens of thousands” of attempts on several vulnerable endpoints.

What You Should Know About DDoS Attacks

DDoS attacks are a very common tactic among cybercriminals for disrupting internet-facing platforms, websites, and services. They overwhelm the target servers by directing enormous amounts of traffic their way until the servers can no longer handle it all and crash. Although this might look trivial, especially since the average DDoS attack lasts less than 10 minutes, these attacks can cause all sorts of damage to a firm (especially financial damage) and can last agonizingly long.

DDoS attacks are most often used together with other forms of cyberattack. In some cases, threat actors disable the victim's back-end with ransomware and the front-end with DDoS. Then they demand payment in cryptocurrency in exchange for both the decryption key for the back-end data and the restoration of the front-end.

How DDoS Attacks Work

For a botnet to overwhelm a server, it needs many endpoints, or bots, to help it send countless data requests. That is why botnets strive to compromise and assimilate as many devices as possible. Routers, connected TVs, smart home appliances, and anything else that connects directly to the internet can be used. Google recently stated that it mitigated the biggest DDoS attack ever recorded, which peaked at almost 400 million requests per second.


