Mirai botnet malware jumps to Windows to help spread itself onto more devices
In October 2016, the world was introduced to the very first “Internet of Things” malware, which is a strain of malware that can infect connected devices such as DVRs, security cameras and more. The Mirai malware accessed the devices using default password and usernames. The malware then turns the affected devices into a botnet in order to facilitate a Distributed Denial of Service (DDoS) attack. This attack ended up flooding one of the largest website hosting companies in the world, bringing slew of major, well-known websites and services to a screeching halt for hours.
Originally, this malware could only infect Linux based systems, which many connected devices use. This week security researchers found a version that can now infect Windows computers and spread itself to IoT devices on a network. The Windows version of Mirai will attempt to connect to those devices through potentially open ports. These ports could simply be other Windows machines or they may be connected devices. Upon connecting successfully and determining that the platform is Linux based, it will turn that particular device into a DDoS bot in the Mirai botnet. This means that the malware now has a broader infection and distribution rate. There are approximately 1 billion Windows PCs actively running all versions of Windows today.
What is a botnet?
A botnet is a network of computers, phones, and tablets that have been infected with malware and are then controlled by the owner. The “commander” of the botnet then instructs all of the devices to send massive amounts of data to a particular target, such as a web hosting company or a specific website. This results in what is called a Distributed Denial of Service (DDoS) attack. A DDoS attack uses all of the devices in its “army” to then attack a target and flood it with traffic. When a website is flooded with too much traffic it can then be taken offline and users cannot access it.
The Internet security threat landscape is shifting
The adoption of Internet connected devices has surged in the past few years. As a result, that has opened up our digital lives to a multitude of vulnerabilities. A connected device is a computer in and of itself, therefore is susceptible to its own security issues. That means your connected thermostat, colorful lighting systems, bluetooth door locks and even toasters all need protection.
As a result of the soaring popularity of these devices, attackers have taken notice. Since the emergence of Mirai in October, it has since surfaced on the dark web- the code is available for anyone to modify, and there are established botnets using this malware available for rent.
Protect what you can
The best way to defend all of your devices is to protect what comes in contact with your network. Since this particular strain of the Mirai malware is targeting Windows computers, it is imperative that you protect them. Your first step in a good defense against these types of malware and more is to install a reputable Internet security program, such as Norton Security. Norton Security already detects this version of the Mirai malware.
Don’t forget about your router
The more protected your devices are, the less chance you have of becoming an unwilling participant in these types of attacks. Your router is essentially the front door to your digital home. The VERY first thing you should do is change the default password on your router. You should be able to find the instructions online by doing an Internet search of your router’s make and model number, and using the search term “setup” or “change default password.”
Don’t forget- routers have their own vulnerabilities too. Earlier this month, a router manufacturer announced a patch for software vulnerabilities in over 30 devices that could allow hackers access to the router password.
If you really want to take your digital security to the next level, consider using a “digital deadbolt” such as Norton Core. The Internet landscape may be changing rapidly, but we’re one step ahead of the bad guys. Norton Core is the first and only high performance, secure router with Norton protection bundled into it. Available for pre-order now.