It would appear that in the world of online cyber-crime, terrorists are becoming more and more common place. You may have recalled in past weeks, my article about the largest DDoS Attack Mirai Bot Source Code.
This is the same malware that was behind the largest known DDoS attack on Dyn, disrupting several Internet connections in the United States, just last month. Now we are seeing a repeat of this virus once again, only this time the cyber terrorists are now targeting Liberia.
The current Mirai attacks have the perpetrators behind the attack, flooding several Internet connections with an enormous amount of traffic. And as a result, the Internet services are forced offline.
An anonymous spokesperson from a Liberian mobile service provider stated “the DDoS is killing our business,” continuing, “we have a challenge with the DDoS. We are hoping someone can stop it.”
This employee wishes to remain anonymous, as they are not authorized to speak on behalf of the mobile provider. This series of cyber-attacks started some days ago, however, not all of the Liberian ISP have been damaged by this massive attack.
A notable security researcher, Kevin Beaumont posted a blog last Thursday, in which he talks about the cyber-attacks behind the Mirai-powered botnet.
On the fascinating end of this digital attack, this version of the Mirai botnet is fully capable of generating well over 500GBps of online traffic. This gives it more than enough power to disrupt random systems spread across Liberia. The issue here is that Liberia already has extremely limited Internet infrastructure. If the attack was to commence long enough, and with enough power, it could take Liberia completely offline for a long period of time.
Ever since the creator of Mirai released the entire source code for this botnet on GitHub, hackers across the world have downloaded and configuring it to cater to their botnet needs. It is estimated that there are around 500,000 IoT devices that have poor or weak security, which are infected with the Mirai malware. Such devices include security cameras, DVR’s, and other weak/vulnerable IoT devices spread out across the globe.
We can see from last month’s DDoS attack, that there was only 100,000 different IoT devices that had been infected with the malware, as reported by the victim DNS provider, Dyn. With that being said, there are several other “versions” of this malware springing up everywhere, infecting even more IoT devices, making the threat very real.
While it still remains unclear as to who is behind this new Mirai botnet cyber-attack, the security researchers involved in this case are assuming that this is the work of script kiddies. These script kiddies are running “Hackers for Hire,” as well as “DDoS for Hire.” Typically, these hackers are found on the Onion network, and provide, for a fee, hacking skills or DDoS attacks on targeted websites.
According to Beaumont, he believes that the attacks aimed toward Liberia are just some hackers wanting to test their skills and try new DDoS techniques.
Sources: AnonHQ (Mirai Bot Source Code), Medium (Kevin Beaumont “Shadows Kill”), GitHub (Mirai Source Code), Dyn.
This article (Mirai DDoS Attack Bot is Back, This Time Targeting Liberia) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.