New Mirai Variant Hides C&C Server on Tor Network

A recently discovered variant of the Mirai Internet of Things (IoT) malware is using a command and control (C&C) server on the Tor network, Trend Micro’s security researchers have found.


Ever since Mirai’s source code was posted online in October 2016, miscreants have released variants of the malware to expand its targeting capabilities and ensnare as many devices as possible in distributed denial of service (DDoS)-capable botnets. 


Some of the best-known Mirai spawns include Echobot, Wicked, Satori, Okiru, Masuta, and Miori, but others have been observed over the years as well, including a variant that specifically targets business devices. Recently, a Mirai-based botnet was used in a massive 292,000 RPS Layer 7 assault.


The newly discovered Mirai sample, Trend Micro points out, is proof that cybercriminals continue to develop and use the malware’s code despite the massive attention it has received over the years. 


Like other Mirai iterations, the new variant allows attackers to remotely access and control IoT devices such as IP cameras and DVRs, using exposed ports and default credentials. The infected devices can then be leveraged for DDoS assaults using various methods.


What sets the new version apart, however, is the fact that its author has placed the botnet’s command and control (C&C) server on ..
