Posting the Infection alert as received from my ISP ( Hathway)
It has been observed that the variants of a new malware named as “Mirai” targeting Internet of Things(IoT) devices such as printers, video camera, routers, smart TVs are spreading. The malware is capable of scanning the network devices or Internet of Things and try to compromise these systems especially those protected with defaults credentials or hardcoded username passwords.
The malware is capable of performing the following function:
- Compromise IoT systems with default username and passwords
- Create botnets of the compromised devices.
- Use compromise devices to launch DDoS attacks.
- Make network connections to receive commands from launch further attacks.
It is also reported that the malware resides in memory of the infected device and can be wiped out by simply rebooting of the compromised device. However, the malware scans the vulnerable devices constantly leading to the re-infection of the rebooted device within minutes of reboot.
How to protect yourself from MIRAI
Mirai, like other botnets, uses known exploits to attack devices and compromise them. It also tries to use known default login credentials to work into the device and take it over. So your three best lines of protection are straight forward.
- Always update firmware (and software) of anything you have in your home or a workplace that can connect to the internet.
- Change your devices’ administrator credentials (username and password) as soon as possible
- If your device manufacturer stopped releasing new firmware updates or it hardcoded the administrator credentials, and you can’t change them, consider replacing the device
- You can also download the free bot removal tool from https://www.cyberswachhtakendra.gov.in/
