ANALYSIS Brian Krebs should know a thing or two about distributed denial of service (DDoS) attacks. His security website was shut down by one of the largest in history.
iTWire reported on this and stated, “Other recent memorable DDoS have included Pokémon Go servers, World of Warcraft Battle.net and even iTWire has suffered – but none have come close to the traffic generated to bring down Krebs site.”
Krebs is thankfully back in business and has reported that “The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.”
Should we be scared? Absobloodylutely! The malware code dubbed Mirai scans the internet for vulnerable devices protected by factory default admin/passwords.
{loadposition ray}
Krebs says that it is easy to pull in a few hundred thousand to a million devices using Mirai or Bashlight – another well used DDoS malware.
And the cure to an infection is simple. Infected systems can be cleaned up by simply “hard” rebooting (pressing a physical reset button) to wipe the malicious code from memory. Then immediately change the admin/password login to something more secure than “admin/password”. Of course this requires you to set up the wireless parameters again so it’s a good time to change the default SSID and network access passwords as well.
IoT experts however say there is so much constant scanning going on for vulnerable systems that vulnerable IoT devices can be re-infected within minutes of a reboot so change the password very quickly.
Krebs laments that the DDoS malware is so prevalent that its public release will lead to many Internet users complaining to their ISPs about slow Internet speeds as a result of hacked IoT devices on their network hogging all the bandwidth.
You see as the owner of an infected device you end up paying as its using your bandwidth to conduct DDoS or send spam. Please check your router now and reboot and change the password!