Your new post is loading...
New Mirai variant named Mirai OMG
Fortinet has named this variant Mirai OMG —based on the OOMGA string found in some parts of the malware's source code where the term "Mirai" used to be— and this variant now joins a growing Mirai family that also includes variants such as Satori (Okiru), Masuta, and Akuma.
But while Fortinet has not analyzed the traffic flowing through the Mirai OMG network, in theory, it should not be any different from the regular type of traffic that malicious proxy networks have been relaying for years. This includes:
⠕ relaying traffic meant for malware C&C servers to hide their true location
⠕ acting as launching points for dictionary and brute-force attacks to bypass security solutions that limit the number of failed attempts per IP
⠕ launching SQL injection, CSRF, LFI, and XSS attacks to bypass geofencing rules and exploit other web applications
Since Mirai OMG still relies on the classic Mirai spreading technique of brute-forcing devices using weak passwords, changing any IoT equipment's default password should safeguard most users from having their device taken over for a crime spree.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Mirai+Botnet
New Mirai variant named Mirai OMG
Fortinet has named this variant Mirai OMG —based on the OOMGA string found in some parts of the malware's source code where the term "Mirai" used to be— and this variant now joins a growing Mirai family that also includes variants such as Satori (Okiru), Masuta, and Akuma.
But while Fortinet has not analyzed the traffic flowing through the Mirai OMG network, in theory, it should not be any different from the regular type of traffic that malicious proxy networks have been relaying for years. This includes:
⠕ relaying traffic meant for malware C&C servers to hide their true location
⠕ acting as launching points for dictionary and brute-force attacks to bypass security solutions that limit the number of failed attempts per IP
⠕ launching SQL injection, CSRF, LFI, and XSS attacks to bypass geofencing rules and exploit other web applications
Since Mirai OMG still relies on the classic Mirai spreading technique of brute-forcing devices using weak passwords, changing any IoT equipment's default password should safeguard most users from having their device taken over for a crime spree.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=iot
https://www.scoop.it/t/securite-pc-et-internet/?&tag=Mirai+Botnet