Juniper Networks warns Mirai botnet is back and targeting new devices


  • Juniper Networks warns Mirai botnet is scanning for vulnerable routers
  • The campaign started in mid-December 2024, and includes DDoS attacks
  • Users should tighten up on security, researchers say

Operators of the Mirai botnet are back, and looking for easy-to-compromise Session Smart routers to assimilate, experts have warned.

Cybersecurity researchers from Juniper Networks recently published a new security advisory warning customers of the ongoing threat. They noted that the malware is scanning for internet-connected Session Smart routers that still use default login credentials.

Routers that fall into this category are accessed and used for a wide variety of malicious activities, but mostly Distributed Denial of Service (DDoS) attacks. The campaign apparently started on December 11, and could still be ongoing.

Mirai's turbulent past

"On Wednesday, December 11, 2024, several customers reported suspicious behavior on their Session Smart Network (SSN) platforms," Juniper said in the security advisory. "Any customer not following recommended best practices and still using default passwords can be considered compromised as the default SSR passwords have been added to the virus database."

The best way to protect against the threat is to make sure your internet-connected devices do not use factory login credentials. Instead, they should be protected with strong passwords and, if possible, placed behind a firewall.

The Mirai botnet is infamous for targeting Internet of Things (IoT) devices, and then using them to launch massive DDoS attacks. It is also known for exploiting weak or default credentials on devices like routers, cameras, and other IoT hardware. It was first spotted in 2016, but gained notoriety after targeting Krebs on Security in September 2016 and mounting the Dyn DNS attack in October 2016.

Mirai is arguably the most popular botnet out there, but it’s not the only threat. StormBot, Mozi, Satori, and Mantis are all malware variants known for launching disruptive attacks across the web. Mirai has also survived multiple takedown attempts, including the source code leak from 2016, the arrest of its developers in 2017, and multiple law enforcement campaigns.

Via BleepingComputer


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.