Mirai Source Code for DDoS Malware Bonet Leaked

The New Acunetix V12 Engine


So there’s been some HUGE DDoS attacks going on lately, up to 620Gbps and the Mirai source code DDoS Malware bonet has been fingered – with the source code also being leaked.

Mirai Source Code for DDoS Malware Bonet Leaked


It’s spreading like wildfire too, and the scariest thought? All that was really needed to construct it was a telnet scanner and a list of default credentials for IoT devices (not even a long list, just 36).

Malicious code used to press-gang IoT connected devices into a botnet was leaked online over the weekend.

The Mirai malware is a DDoS Trojan and targets Linux systems and, in particular, IoT devices. A botnet formed using the malware was used to blast junk traffic at the website of security researcher Brian Krebs last month in one of the largest such attacks ever recorded.

The powerful zombie network that spawned a 620Gbps DDoS was created by relying on factory default or hard-coded usernames and passwords to compromise embedded devices. The availability of the Mirai source code makes it much easier for other hackers to take advantage of insecure routers, IP cameras, digital video recorders and other IoT devices to launch similar attacks.

Security blogger Hacker Fantastic, who has put together an informative early analysis of the malware, summed up the feelings of several security researchers who have looked at the code. “If all it took to create biggest recorded DDoS attack in history was a telnet scanner and 36 weak credentials the net has a huge IoT problem,” he said on Twitter.

Stephen Gates, chief research intelligence analyst at NSFOCUS, argued that the problem of consumer kit with default passwords needs to be resolved sooner rather than later or else more and perhaps more widespread attacks along the same lines will become inevitable.


User-friendly design kicking us in the butt again, when will manufacturers of devices stop giving weak default passwords for devices capable of generating attacks?

Yah it costs a little more to generate a unique password for each unit and print it on a little bit of paper – but isn’t it worth it?

“Soon we may see DDoS attacks that are capable of taking down major portions of the Internet, as well as causing brownouts, creating intolerable latency, or making the Internet unusable,” Gates argued. “This is all collateral damage caused by a failure of good judgement by using the same factory default passwords on IoT devices in the first place.”

“Why do many IoT devices use default passwords? Simple; when manufacturers build this type of technology they make it as ‘user-friendly’ as possible. Just plug it in and often it works. The real intention of the decision to ship every device with the same username/password is primarily designed to reduce customer support calls; which costs manufacturers money,” he added.

Reiner Kappenberger, global product manager at data security firm HPE Security, argued more guidance for IoT manufacturers was needed.

“The current lack of guidance and regulations for IoT device security is one of the bigger problems in this area and why we see breaches in the IoT space rising,” Kappenberger said. ”Companies rush product to market that have been developed by teams that are solely focusing on functionality. They use protocols and tools that have not been thoroughly vetted from a security standpoint as the small amount of storage in those devices poses limitations to the software elements they can use. Companies entering this space need to think about longer term impact of their devices.”

The scale these attacks are reaching, they could be able to disarm significant portions of the Internet soon, and with that kind of bandwidth they can probably already knock smaller countries off the map completely.

You can checkout the Mirai botnet source code here for DDoS: Mirai-Source-Code

The geek in me rejoices in seeing Go.

Source: The Register

Posted in: Hacking News

, , ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


One Response to Mirai Source Code for DDoS Malware Bonet Leaked

  1. steve October 22, 2016 at 8:00 pm #

    “All that was really needed to construct it was a telnet scanner and a list of default credentials for IoT devices” – wtf does that even mean?