Developers behind a newly discovered variant of the Mirai Internet of Things botnet malware have expanded their target list, placing a greater emphasis on high-bandwidth enterprise devices that are potentially capable of launching heavy-duty distributed denial of service attacks.
Detected by the Palo Alto Networks Unit 42 threat research team, the botnet still attempts to infect consumer devices like its predecessors, but the move toward enterprise IoT devices could augur future DDoS assaults that rival or surpass previous Mirai attacks like the one that disrupted the operations of Domain Name System provider Dyn in 2016.
The new malware variant, which has no nickname, includes 27 exploits – 11 of which have never been seen before in a Mirai variant – along with new credentials for brute forcing devices. Among the new additions are exploits for the WePresent WiPG-1000 Wireless Presentation System and the LG Supersign TVs digital signage solution, both of which are typically used by businesses. "This development indicates to us a potential shift to using Mirai to target enterprises" for compromise, according to a March 18 blog post penned by researcher Ruchna Nigam.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.