- Russian banks floored by DDoS attacks. From The Register.
At least five Russian banks weathered days-long DDoS attacks this week.
A wave of assaults began on Tuesday afternoon and continued over the next two days. Victims include Sberbank and Alfabank, both of which confirmed DDoS attacks on their online services, RT reports.
The attacks were powered by compromised IoT devices, according to an unnamed Russian Central Bank official. Early indications are that the Mirai IoT botnet, which disrupted DNS services for scores of high-profile websites in October 2016, may be behind the latest attacks, but this is unconfirmed.
The last DDoS attack on this scale against Russian banks was in October 2015, when eight major institutions were targeted.
One of the largest Distributed Denial-of-Service (DDoS) attacks happened this week and almost nobody noticed.
Since the cyberattack on Dyn two weeks ago, the internet has been on edge, fearing another massive attack that would throw millions off the face of the web. The attack was said to be upwards of 1.1Tbps — more than double the attack a few weeks earlier on security reporter Brian Krebs’ website, which was about 620Gbps in size, said to be one of the largest at the time. The attack was made possible by the Mirai botnet, an open-source botnet that anyone can use, which harnesses the power of insecure Internet of Things (IoT) devices.
- Hacked Cameras, DVRs Powered Today’s Massive Internet Outage. From KrebsOnSecurity.
A massive and sustained Internet attack that has caused outages and network congestion today for a large number of Web sites was launched with the help of hacked “Internet of Things” (IoT) devices, such as CCTV video cameras and digital video recorders, new data suggests.
Earlier today cyber criminals began training their attack cannons on Dyn, an Internet infrastructure company that provides critical technology services to some of the Internet’s top destinations. The attack began creating problems for Internet users reaching an array of sites, including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.
- Mirai IoT DDoS Trojan Now Targets Cellular Network Equipment. From Softpedia.
Sierra Wireless, one of the biggest hardware manufacturers of mobile equipment, issued an alert yesterday, warning customers not to use default passwords with their devices as they might be at risk of infection from the infamous Mirai malware.
The company says that Airlink wireless routers and gateways deployed with 3G and 4G LTE cellular networks are at risk.
Sierra says that network operators that use these devices across their infrastructure, and are using them with their default credentials, are at risk of having the devices taken over and employed in DDoS attacks.
- Source Code for IoT Botnet ‘Mirai’ Released. From KrebsOnSecurity.
The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.
The leak of the source code was announced Friday on the English-language hacking community Hackforums. The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.