Malware behind biggest DDoS ever just got more dangerous

The march of the infamous Mirai botnet continues, with Kaspersky having found the first Windows-based spreader for the malware.

You probably remember Mirai from last year – it was the source of a huge number of infections which powered some massive DDoS attacks. Well, now the code (which was made openly available online in 2016) has been adapted to build a Windows botnet, likely by a Chinese-speaking malware author according to the security firm (going by language clues in the code, and similar signposts).

Kaspersky notes that the components and techniques used in the new spreader may be a few years old, but overall it’s “richer and more robust” than the original Mirai code, and its developer appears to have more sophisticated skills than those behind last year’s DDoS campaigns.

That said, the security company notes that the spreader’s reach is limited, because the malware has to brute-force a remote telnet login in order to propagate bots from a Windows machine to vulnerable Linux IoT gadgets.

Even so, Kaspersky has witnessed attacks on around 500 systems thus far this year (which it blocked), and says emerging markets which are heavily invested in the IoT are certainly at risk (China and India, plus many other nations to boot).
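The propagation method described above (a Windows host brute-forcing telnet on many Linux IoT devices) leaves a recognisable fan-out pattern in outbound connection logs. The following is an added example, not code from the article or from Kaspersky, that flags sources opening telnet connections to an unusually large number of distinct hosts; the log format and the sample lines are constructed for illustration, and the alternate port 2323 is included as an assumption rather than something the article states.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not from the article): one outbound connection
# attempt per line, as a perimeter firewall or NetFlow exporter might record it.
# 10.0.5.21 sweeps six devices on port 23; 10.0.5.40 repeatedly reaches one
# device (admin-like); 10.0.5.77 fans out on SSH, which this check ignores.
SAMPLE_LOG = """\
2017-02-10T10:00:01 src=10.0.5.21 dst=192.168.50.10 dport=23
2017-02-10T10:00:01 src=10.0.5.21 dst=192.168.50.11 dport=23
2017-02-10T10:00:02 src=10.0.5.21 dst=192.168.50.12 dport=23
2017-02-10T10:00:02 src=10.0.5.21 dst=192.168.50.13 dport=23
2017-02-10T10:00:03 src=10.0.5.21 dst=192.168.50.14 dport=23
2017-02-10T10:00:03 src=10.0.5.21 dst=192.168.50.15 dport=23
2017-02-10T10:00:04 src=10.0.5.21 dst=192.168.50.10 dport=23
2017-02-10T10:00:05 src=10.0.5.40 dst=192.168.50.10 dport=23
2017-02-10T10:00:06 src=10.0.5.40 dst=192.168.50.10 dport=23
2017-02-10T10:00:07 src=10.0.5.40 dst=192.168.50.10 dport=23
2017-02-10T10:00:08 src=10.0.5.77 dst=192.168.50.20 dport=22
2017-02-10T10:00:08 src=10.0.5.77 dst=192.168.50.21 dport=22
2017-02-10T10:00:09 src=10.0.5.77 dst=192.168.50.22 dport=22
2017-02-10T10:00:09 src=10.0.5.77 dst=192.168.50.23 dport=22
2017-02-10T10:00:10 src=10.0.5.77 dst=192.168.50.24 dport=22
"""

LINE_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")

# Port 2323 is a common alternate telnet port (assumption, not from the article).
TELNET_PORTS = (23, 2323)


def find_telnet_spreaders(log_text, min_targets=5, telnet_ports=TELNET_PORTS):
    """Return {src: sorted distinct telnet destinations} for every source that
    opened telnet connections to at least `min_targets` distinct hosts."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that do not match the expected format
        if int(m.group("dport")) in telnet_ports:
            targets[m.group("src")].add(m.group("dst"))
    return {src: sorted(d) for src, d in targets.items() if len(d) >= min_targets}


if __name__ == "__main__":
    for src, dsts in find_telnet_spreaders(SAMPLE_LOG).items():
        print(f"{src}: telnet fan-out to {len(dsts)} hosts ({dsts[0]} .. {dsts[-1]})")
```

Tune `min_targets` to the baseline of your own network; a host that legitimately manages many telnet-only devices will need an allow-list.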

Experienced attackers

Kurt Baumgartner, Principal Security Researcher at Kaspersky, commented: “The appearance of a Mirai crossover between the Linux platform and the Windows platform is a real concern, as is the arrival on the scene of more experienced developers.

“More experienced attackers, bringing increasingly sophisticated skills and techniques, are starting to leverage freely available Mirai code. A Windows botnet spreading IoT Mirai bots turns a corner and enables the spread of Mirai to newly available devices and networks that were previously unavailable to Mirai operators. This is only the beginning.”

Kaspersky says it’s busy working with hosting providers and network operators to take down a ‘significant’ number of Mirai’s command and control servers.

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).
