1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • A new Mirai variant is targeting IoT devices - here's how to stay

    From TechnologyDaily@1337:1/100 to All on Tue May 30 10:15:03 2023
    A new Mirai variant is targeting IoT devices - here's how to stay safe

    Date:
    Tue, 30 May 2023 09:02:56 +0000

    Description:
    Cybersecurity researchers share the best way to protect against Mirai.

    FULL STORY ======================================================================

    A version of Mirai, called IZ1H9, has become the dominant variant of the dreaded botnet, infecting countless Linux devices and using them for
    different nefarious purposes.

    According to Unit 42, the cybersecurity arm of Palo Alto Networks, which has been tracking IZ1H9 since August 2018, whose researchers revealed that since November 2021, a single threat actor has been actively deploying the variant.

    The campaign was only spotted in mid-April this year, and among other things, the threat actor was targeting endpoints that are already infected with
    Mirai, wiping previous iterations in order to only keep IZ1H9. Mirai botnet

    The malware also contains a function that ensures the device is running only one instance of this malware. If a botnet process already exists, the botnet client will terminate the current process and start a new one, the
    researchers explained. The malware comes with a list of processes belonging not just to other botnet families, but also to other variants of Mirai. If it finds these processes running on the device, it will terminate them.

    IZ1H9 initially spreads through HTTP, SSH and Telnet protocols, the researchers added, saying that the best protection is to keep Linux devices patched and updated. Read more

    A new Mirai variant is attacking Linux devices to build a beastly DDoS
    botnet


    Mirai botnet now targeting critical flaw in thousands of routers


    These are the best malware removal tools around

    To combat this threat, it is highly recommended that patches and updates are applied when possible, the researchers concluded.

    Botnets such as this one are usually used to mount Distributed Denial of Service ( DDoS ) attacks. DDoS is one of the most popular forms of attack out there, and it works by rendering a tool, or service (such as, for example, a website) inaccessible. In a DDoS attack, the attacker would flood the target server with so much bogus traffic that the server cant handle it and eventually becomes clogged.

    To get that kind of traffic, the attacker will need countless devices (such
    as Linux IoT devices, for example) to send traffic packets to the same address. Check out the best endpoint protection software around

    Via: Infosecurity Magazine



    ======================================================================
    Link to news story: https://www.techradar.com/news/a-new-mirai-variant-is-targeting-iot-devices-he res-how-to-stay-safe


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)