API tools faq
paste
Advertisement
FluxTheGreat

Mirai Botnet Debunk

FluxTheGreat
Aug 9th, 2017
253
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.05 KB | None | 0 0
raw download clone embed print report
  1. [+] DDOS | Successfully Hijacked Connection
  2. [+] DDOS | FLUX DEBUNK READY
  3. Debunk Ready
  4. Flux@botnet# Debunk
  5.  
  6. OK so first off let's talk about what MIRAI is. Mirai is a famous IoT botnet, that has been used in some of the largest DDoS attacks the internet has ever seen. Now in Japanese, the word Mirai means Future. Another notable reason for Mirai's name is the botnet was named after a famous anime known as Mirai Nikki. Mirai Targets vulnerable IoTs such as, IP Cameras (CCTV), routers, potentially telnet devices, and potentially even smart refrigerators (highly doubt it). The Mirai Malware itself seems to consist of a Table Of IP Addresses that it will not infect, such as government networks and private networks. When a device is infected with the malware, the malware will attempt to bruteforce the username and password of that device (not ssid and Wep, wpa, and wpa2). For Example, User:root pass:cctv. Now if a device is infected, it will experience a drastic increase in bandwidth if they are connected to the botnet, and being used in a DDoS attack. Now when the device is shut off or restarted, they will be uninfected, but only for a very short amount of time. The Malware will attempt to reinfect the restarted device and will successfully do it if the user and pass of the device has not been changed. Now what I find interesting about this malware is when the device is infected, The Malware will remove all other infections competing for device and will then close all RAPs (My term for Remote Administration Ports). This Malware has infected millions of devices, but has now dropped down. (I used many sources to research this Malware). Now when we talk about the source code, I don't have too much info. What I discovered myself was that the .c files acted as an Agent and the .go files acted as a controller. So I went to research this on Google to make sure I was correct about this discovery, and I found quite quickly that I was correct! YAY. Currently I'm still researching the "attack methods" of Mirai and How they work. Later on I will be adding to this article -Flux
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!