Very big DDoS attacks from hacked security cameras.
Two weeks ago, two massive DDoS attacks were launched. One of them was the most powerful to date, and it took down the site of journalist Brian Krebs.
The other one was also very big: the French cloud provider OVH was attacked with over 1 Tbps of data.
The attacks were carried out by a giant botnet consisting of over 145 000 hacked devices. But this time it was not a large number of hacked computers.
Instead, it was poorly protected online gadgets. Most of them were security cameras, but everything from light bulbs to video players took part in the attack.
This kind of attack is nothing new, but the size of these last two attacks is very scary. Many security people agree that we have not seen the end of this.
The virus that infected all the devices is called Mirai, and it has so far been controlled by a single hacker or hacker group.
But not anymore… A little over a week ago someone leaked the source code on a hacker forum, and many think it was the creator of the virus.
Several small-scale attacks with Mirai have already been carried out, but none has reached the enormous data flow of the two before. More and more powerful attacks are predicted.
So what is it that makes Mirai so special?
Not much, if you ask the experts. The code is not particularly well hidden, but then its targets are connected devices, the kind of thing no one bothers to check.
The virus spreads in a fairly straightforward way. It scans the network for Internet gadgets that are shipped with simple default passwords, then simply tries to log in and install the malware.
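Seen from the defender's side, the login pattern described above appears in a device's logs as a burst of failed logins for different usernames from a single source. The following Python detector is an added example, not code from Mirai or from this post; the log format, field names, thresholds and sample lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in an assumed log format (not taken from any real device).
SAMPLE_LOG = """\
2016-10-05T12:00:01 telnetd login failed user=root src=203.0.113.7
2016-10-05T12:00:02 telnetd login failed user=admin src=203.0.113.7
2016-10-05T12:00:03 telnetd login failed user=support src=203.0.113.7
2016-10-05T12:00:05 telnetd login ok user=guest src=203.0.113.7
2016-10-05T12:03:00 telnetd login failed user=admin src=198.51.100.20
2016-10-05T14:30:00 telnetd login ok user=admin src=198.51.100.20
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) telnetd login (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def find_credential_sweeps(log_text, min_users=3, window=timedelta(seconds=60)):
    """Return {src: verdict} for sources that try many usernames quickly."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines in any other format are ignored
            ts = datetime.fromisoformat(m["ts"])
            events[m["src"]].append((ts, m["result"], m["user"]))

    verdicts = {}
    for src, evs in events.items():
        evs.sort()  # chronological order per source
        fails = [(ts, user) for ts, result, user in evs if result == "failed"]
        for i, (start, _) in enumerate(fails):
            in_window = [(ts, u) for ts, u in fails[i:] if ts - start <= window]
            if len({u for _, u in in_window}) >= min_users:
                last_fail = in_window[-1][0]
                # A success right after the burst suggests a guess worked.
                hit = any(r == "ok" and last_fail <= ts <= last_fail + window
                          for ts, r, _ in evs)
                verdicts[src] = "sweep+login" if hit else "sweep"
                break
    return verdicts

if __name__ == "__main__":
    print(find_credential_sweeps(SAMPLE_LOG))
```

A single mistyped password followed by a later successful login, as for the second source in the sample, is not flagged.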
The most interesting thing about the Mirai source code is that it contains a list of IP addresses to avoid. The list includes a couple of major IT companies, the organization IANA and the US Department of Defense.
Hypothetically speaking, this would be one way to avoid being caught by actors who look for threats.
But if so, why are there so few addresses on the list, and why is the creator of the virus behind two of the worst DDoS attacks in our history?
Only the future will show us…