The Intelligence Corner

Our experts’ unique discoveries, observations, and opinions on what’s trending today in Business Risk Intelligence and the Deep & Dark Web.

Search results
Search Results for: mirai

An After-Action Analysis of the Mirai Botnet Attacks on Dyn

Key Takeaways • On October 21, 2016, a series of distributed denial-of-service (DDoS) attacks against Dyn DNS impacted the availability of a number of sites concentrated in the Northeast US and, later, other areas of the country. Impacted sites included: PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify, and RuneScape. • While the attacks were still […]

Read more

Mirai Botnet Linked to Dyn DNS DDoS Attacks

By FP_Analyst
October 21, 2016

Key Takeaways Flashpoint has confirmed that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware. Mirai botnets were previously used in DDoS attacks against the “Krebs On Security” blog and OVH. As of 1730 EST, the attacks against Dyn DNS are still ongoing. Flashpoint […]

Read more

New Mirai Variant Leaves 5 Million Devices Worldwide Vulnerable — High Concentration in Germany, UK and Brazil

Key Takeaways • Flashpoint confirms the existence of a new Mirai variant and its involvement in the recent Deutsche Telekom outage. Flashpoint has linked at least one distributed denial-of-service (DDoS) attack to this variant. Flashpoint assesses with high confidence that the new Mirai variant is likely an attempt by one of the existing Mirai botmasters […]

Read more

Flashpoint Monitoring of Mirai Shows Attempted DDoS of Trump and Clinton Websites

Key Takeaways Between 16:20:43 UTC on November 6, 2016 and 8:19 UTC on November 7, 2016, Flashpoint observed four 30-second HTTP Layer 7 attacks targeting the campaign websites of presidential candidates Donald Trump and Hillary Clinton. There were no observed or reported outages for either of the sites.   Flashpoint assesses that unsophisticated actors are […]

Read more

When Vulnerabilities Travel Downstream

CVEs Assigned to Upstream Devices Exploited by Mirai IoT Botnet Key Findings • While investigating the recent large-scale distributed denial-of-service (DDoS) attacks, Flashpoint identified the primary manufacturer of the devices that utilize the default username and password combination known as root and xc3511. • Default credentials pose little threat when a device is not accessible […]

Read more

Recommended DDoS Attack Mitigation Strategies

November 2, 2016

In light of the recent Mirai botnet DDoS attacks against DNS servers, Flashpoint would like to raise awareness on certain suggested mitigation strategies. These recommendations are relevant for organizations with Internet-facing authoritative DNS servers. For organizations running their own DNS servers, is it crucial for network team members to both be aware of the current […]

Read more

Business Risk Profile: Manufacturing

February 6, 2018

As a critical infrastructure sector, the manufacturing industry is a primary driver of economic development and growth, enabling everything from local utility services to global trade. The critical importance of manufactured goods in modern society means a successful attack against a major manufacturer could trigger a domino effect, leading to widespread economic disruption across supply […]

Read more