BrickerBot back with a vengeance

Kevin Lancaster

MyBroadband Editor

BrickerBot, a Permanent Denial-of-Service (PDoS) attack platform, is back.

In early April, Radware’s Emergency Response Team identified the botnet designed to compromise IoT devices and corrupt their storage.
 
Kevin, what is a mirai exploit vector? Can explain with pickturz pls?
 
http://gizmodo.com/this-hacker-is-my-new-hero-1794630960

Let’s get one thing straight: destroying unsuspecting people’s gadgets is rude. However, it’s even ruder for companies to profit from selling people vulnerable technology that could be coopted and used in a global cyberattack. It’s downright irresponsible! But gadget companies just can’t stop doing it. In the latter half of last year, when the Mirai botnets basically broke the internet, some hackers realized that companies were not only unwilling to build better security into their devices; they were jeopardizing the security of the entire internet.

The Janit0r isn’t the only vigilante trying to improve IoT security, either. A few years ago, researchers discovered Wifatch, a batch of code that would infect IoT devices not to engage in malicious activities but rather to prevent other attackers from being able to break in. And then last year, a different batch of code dubbed Hajime hit the radar. Hajime, like Wifatch before it, appeared to block ports that were known to be exploited by evil malware.
 
Kevin, what is a mirai exploit vector? Can explain with pickturz pls?

Since he does not know, maybe the article could at least include the following advice:
- Disable your god-damn telnet access on all devices
- Change your friggin' factory default credentials (and no, "@dm1n" / "p@55w0rd" is not a cool/safe combo)

Mirai is not an exploit vector but IoT malware which brute-forces access into Telnet via factory logins and common password lists. Often you can also access routers/IoT devices (especially ones with NNTP settings) through a beautiful standard called TR064 (also often called CPE LAN side configuration).
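
One way to verify the "disable telnet" advice on devices you own, as an added example that is not part of the original thread: it connects to TCP port 23 on each address in an inventory and reports any that still answer, using the Telnet IAC byte to recognise a real telnet daemon. The function names, the inventory and its 192.0.2.x addresses are assumptions made for illustration.

```python
import socket

IAC = 0xFF  # Telnet "Interpret As Command" byte; daemons usually open with it (RFC 854)

def check_telnet(host, port=23, timeout=2.0):
    """Classify one TCP port as 'closed', 'open-telnet' or 'open-other'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                banner = s.recv(64)       # telnet daemons usually speak first
            except OSError:               # timeout or reset after connect
                banner = b""
    except OSError:                       # refused, unreachable or timed out
        return "closed"
    if banner[:1] == bytes([IAC]):
        return "open-telnet"
    return "open-other"

def audit(inventory, ports=(23,), timeout=2.0):
    """Return (name, host, port, status) for every port that is not closed."""
    findings = []
    for name, host in sorted(inventory.items()):
        for port in ports:
            status = check_telnet(host, port, timeout)
            if status != "closed":
                findings.append((name, host, port, status))
    return findings

if __name__ == "__main__":
    # Constructed inventory: replace with the addresses of devices you own.
    my_devices = {"example-router": "192.0.2.1", "example-camera": "192.0.2.20"}
    for name, host, port, status in audit(my_devices):
        print(f"{name} ({host}) port {port}: {status} - disable telnet on this device")
```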
 