Juniper Networks warns Mirai botnet is back and targeting new devices
Date:
Fri, 20 Dec 2024 15:15:00 +0000
Description:
Mirai is scanning for poorly protected Session Smart routers, and is using them to run DDoS attacks.
FULL STORY ======================================================================Juniper Networks warns Mirai botnet is scanning for vulnerable routers The campaign started in mid-December 2024, and includes DDoS attacks Users should tighten up on security, researchers say
Operators of the Mirai botnet are back, and looking for easy-to-compromise Session Smart routers to assimilate, experts have warned.
Cybersecurity researchers from Juniper Networks, who recently published a new security advisory, warning its customers of the ongoing threat, noted the malware is scanning for internet-connected Session Smart routers that are using default login credentials.
Those that fall into this category are accessed, and used for a wide variety of malicious activities, but mostly Distributed Denial of Service ( DDoS ) attacks. The campaign apparently started on December 11, and could still be ongoing. Mirai's turbulent past
"On Wednesday, December 11, 2024, several customers reported suspicious behavior on their Session Smart Network (SSN) platforms," Juniper said in the security advisory. "Any customer not following recommended best practices and still using default passwords can be considered compromised as the default
SSR passwords have been added to the virus database."
The best way to protect against the threat is to make sure your internet-connected devices do not use factory login credentials. Instead,
they should be protected with strong passwords and, if possible, placed
behind a firewall.
The Mirai botnet is infamous for targeting Internet of Things (IoT) devices, and then using them to launch massive DDoS attacks. It is also known for exploiting weak or default credentials on devices like routers, cameras, and other IoT hardware. It was first spotted in 2016, but gained notoriety after targeting Krebs on Security in September 2016 and mounting the Dyn DNS attack in October 2016.
Mirai is arguably the most popular botnet out there, but its not the only threat. StormBot, Mozi, Satori, or Mantis are all malware variants known for launching disruptive attacks across the web. It also survived multiple takedown attempts, including the source code leak from 2016, the arrest of
its developers in 2017, and multiple law enforcement campaigns.
Via BleepingComputer You might also like "Son of Mirai" botnet appears
Here's a list of the best antivirus on offer today These are the best
endpoint protection tools right now
======================================================================
Link to news story:
https://www.techradar.com/pro/security/juniper-networks-warns-mirai-botnet-is- back-and-targeting-new-devices
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)