Mirai botnet returns to target IoT devices
New Mirai variant targets signage TVs and presentation systems
A new variant of the Mirai malware targeting IoT devices has been discovered in the wild by security researchers from Palo Alto Networks.
The researchers first discovered this new strain earlier this year and now it is being used in a new IoT botnet targeting smart signage TVs and wireless presentation systems.
The authors of the botnet have spent a great deal of time upgrading older versions of the Mirai malware with new exploits and according to Palo Alto Networks, this new Mirai botnet uses 27 exploits with 11 that are completely new to Mirai altogether.
- New Mirai variant set to hit IoT devices
- Your Android device could be affected by a crypto-mining botnet
- "Most sophisticated" Torii botnet targeting IoT devices
Mirai's built-in list of default credentials has also been expanded by the botnet operator to allow the malware to more easily gain access to devices that use default passwords. In total, four new username and password combinations have been added according to a new report from Palo Alto Network's Unit 42.
IoT devices
This new Mirai botnet is intended to infect IoT devices with exposed Telnet ports through the use of default credentials which many hardware makers continue to leave unchanged despite the security risks they pose.
While previous botnets using the Mirai malware have targeted routers, modems, security cameras and DVRs, the latest one is intentionally targeting smart signage TVs and wireless presentation systems, specifically LG's Supersign TVs and the WePresent WiPG-1000 wireless presentation system.
Both of these exploits have been available online for some time but this is the first instance researchers have seen of them being weaponized.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
To avoid having your devices fall victim to the Mirai botnet, it is recommended that you only use devices from trusted manufacturers and immediately change the default passwords on those devices.
Via ZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.