The Intelligence Corner

Our experts’ unique discoveries, observations, and opinions on what’s trending today in Business Risk Intelligence and the Deep & Dark Web.

Search results
Search Results for: mirai

An After-Action Analysis of the Mirai Botnet Attacks on Dyn

Key Takeaways • On October 21, 2016, a series of distributed denial-of-service (DDoS) attacks against Dyn DNS impacted the availability of a number of sites concentrated in the Northeast US and, later, other areas of the country. Impacted sites included: PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify, and RuneScape. • While the attacks were still […]

Read more

Mirai Botnet Linked to Dyn DNS DDoS Attacks

By Flashpoint Analyst Team
October 21, 2016

Key Takeaways Flashpoint has confirmed that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware. Mirai botnets were previously used in DDoS attacks against the “Krebs On Security” blog and OVH. As of 1730 EST, the attacks against Dyn DNS are still ongoing. Flashpoint […]

Read more

New Mirai Variant Leaves 5 Million Devices Worldwide Vulnerable — High Concentration in Germany, UK and Brazil

Key Takeaways • Flashpoint confirms the existence of a new Mirai variant and its involvement in the recent Deutsche Telekom outage. Flashpoint has linked at least one distributed denial-of-service (DDoS) attack to this variant. Flashpoint assesses with high confidence that the new Mirai variant is likely an attempt by one of the existing Mirai botmasters […]

Read more

Flashpoint Monitoring of Mirai Shows Attempted DDoS of Trump and Clinton Websites

Key Takeaways Between 16:20:43 UTC on November 6, 2016 and 8:19 UTC on November 7, 2016, Flashpoint observed four 30-second HTTP Layer 7 attacks targeting the campaign websites of presidential candidates Donald Trump and Hillary Clinton. There were no observed or reported outages for either of the sites.   Flashpoint assesses that unsophisticated actors are […]

Read more

When Vulnerabilities Travel Downstream

CVEs Assigned to Upstream Devices Exploited by Mirai IoT Botnet While investigating the recent large-scale DDoS attacks against targets including Krebs On Security and OVH, Flashpoint identified the primary manufacturer of the devices that utilize the default username and password combination known as root and xc3511, respectively. These types of credentials exist all across the […]

Read more

Recommended DDoS Attack Mitigation Strategies

November 2, 2016

In light of the recent Mirai botnet DDoS attacks against DNS servers, Flashpoint would like to raise awareness on certain suggested mitigation strategies. These recommendations are relevant for organizations with Internet-facing authoritative DNS servers. For organizations running their own DNS servers, is it crucial for network team members to both be aware of the current […]

Read more

IoT Hacks May Bring Frenzy of Litigation

August 21, 2018

The rush-to-market for connected, embedded, and smart devices has already left security in the rear-view mirror. And despite the Mirai attacks of 2016 and other countless Internet-of-things-related vulnerabilities and security research, little has been accomplished in keeping these devices from becoming an easy port of entry or pivot point for attacks targeting enterprises. Now to […]

Read more