Mirai (malware)

Mirai
Original author(s)Paras Jha, Josiah White and Dalton Norman
Repository
Written inC (agent), Go (controller)
Operating systemLinux
TypeBotnet
LicenseGNU General Public License v3.0
Websitegithub.com/jgamblin/Mirai-Source-Code Edit this on Wikidata

Mirai (from the Japanese word for "future", 未来) is malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers.[1] The Mirai botnet was first found in August 2016[2] by MalwareMustDie,[3] a white hat malware research group, and has been used in some of the largest and most disruptive distributed denial of service (DDoS) attacks, including an attack on 20 September 2016[4] on computer security journalist Brian Krebs' website, an attack on French web host OVH,[5] and the October 2016 DDoS attacks on Dyn.[6][7] According to a chat log between Anna-senpai (the malware's original author) and Robert Coelho, Mirai was named after the 2011 TV anime series Mirai Nikki.[8]

The software was initially used by the creators to DDoS Minecraft servers and companies offering DDoS protection to Minecraft servers, with the authors using Mirai to operate a protection racket.[9] The source code for Mirai was subsequently published on Hack Forums as open-source.[10] Since the source code was published, the techniques have been adapted in other malware projects.[11][12]

  1. ^ Biggs, John (Oct 10, 2016). "Hackers release source code for a powerful DDoS app called Mirai". TechCrunch. Archived from the original on 20 October 2016. Retrieved 19 October 2016.
  2. ^ njccic (December 28, 2016). "Mirai Botnet". The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC). Archived from the original on 12 December 2016. Retrieved 28 December 2016.
  3. ^ unixfreaxjp (August 31, 2016). "MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled". MalwareMustDie. Archived from the original on 5 September 2016. Retrieved 31 August 2016.
  4. ^ Krebs, Brian (September 21, 2016). "KrebsOnSecurity Hit With Record DDoS". Brian Krebs. Archived from the original on 15 November 2016. Retrieved 17 November 2016.
  5. ^ Cite error: The named reference securityintelligence was invoked but never defined (see the help page).
  6. ^ Hackett, Robert (October 3, 2016). "Why a Hacker Dumped Code Behind Colossal Website-Trampling Botnet". Fortune.com. Archived from the original on 22 October 2016. Retrieved 19 October 2016.
  7. ^ Newman, Lily Hay. "What We Know About Friday's Massive East Coast Internet Outage". WIRED. Archived from the original on 2016-10-22. Retrieved 2016-10-21.
  8. ^ Krebs, Brian. "Who is Anna-Senpai, the Mirai Worm Author?". Krebs on Security. Archived from the original on 22 January 2017. Retrieved 25 January 2017.
  9. ^ "The Mirai Botnet Was Part of a College Student Minecraft Scheme". Wired. ISSN 1059-1028. Retrieved 2020-10-19.
  10. ^ Statt, Nick (October 21, 2016). "How an army of vulnerable gadgets took down the web today". The Verge. Archived from the original on November 16, 2016. Retrieved October 21, 2016.
  11. ^ Kan, Michael (October 18, 2016). "Hackers create more IoT botnets with Mirai source code". ITWORLD. Archived from the original on 20 October 2016. Retrieved 20 October 2016.
  12. ^ "IoTroop Botnet: The Full Investigation - Check Point Research". 29 October 2017. Archived from the original on 2018-01-15. Retrieved 2018-01-14.