25 Oct An IoT botnet was partly responsible for Friday’s massive DDOS attack
Malware that can build botnets out of IoT devices was at least partly responsible for a massive distributed denial-of-service attack that disrupted U.S. internet traffic on Friday, according to network security companies.
On Friday morning, the assault disrupted access to popular websites by flooding a DNS service provider called Dyn with an overwhelming amount of internet traffic.
Some of the traffic originated from botnets created by the Mirai malware, and is estimated to have infected over 500,000 devices, according to Level 3 Communications, a provider of internet backbone services.
About 10% of those Mirai infected devices were participating in Friday’s DDOS attack, said Dale Drew, the company’s chief security office in Periscope livestream. However, other botnets were also partaking in the attack, he added.
DDOS attacks and botnets are nothing new. However, the Mirai malware is extremely powerful in its ability to deliver server-crashing levels of traffic to websites.
The Mirai malware targets internet-connected devices such as cameras and DVRs that have weak default passwords, making them easy to infect. Adding to the worry is that the developer behind Mirai has released the malware’s source code to the hacker community.
Friday’s attack continued into the evening, according to Dyn. Its engineers had to mitigate “several attacks” aimed at its infrastructure. The company reported that the DDOS attacks came from “tens of millions of IP addresses at the same time.”