sb-au logo
Story image

Mirai botnet now targeting Windows PCs to access IoT devices

15 Feb 2017

Notorious IoT malware ‘Mirai’ has now jumped ship to infect Windows devices and Symantec is warning users to make sure they have internet security to make sure they don’t get caught.

Symantec says the malware used to infect Linux systems, as they are what many IoT devices use. However, security researchers found a version that can now infect Windows computers and spread to IoT devices on the network.

“The Windows version of Mirai will attempt to connect to those devices through potentially open ports. These ports could simply be other Windows machines or they may be connected devices. Upon connecting successfully and determining that the platform is Linux based, it will turn that particular device into a DDoS bot in the Mirai botnet,” Symantec said in a blog.

The sheer breadth of Windows usage (more than one billion PCs are running all Windows versions) means that Mirai is able to spread its malware more widely.

In October 2016, the Mirai malware originally turned IoT devices into botnets and struck everything from DVRs, security cameras and more. 

The malware accessed devices using default usernames and passwords, and then took control to turn the botnet devices into weapons that conducted a Distributed Denial of Service (DDoS) attack. The attack brought down one of the largest global hosting companies, and its clients, for hours.

Symantec says the IoT trend will keep rising, and now any connected device, whether it’s a toaster or Bluetooth door lock, is now its own computer subject to its own security issues.

The company suggests that users must protect their Windows computers. 

Story image
ExtraHop reveals methods used by attackers in SUNBURST breach
The network detection and response company says between late March and early October 2020, detections of probable malicious activity increased by approximately 150%, including detections of lateral movement, privilege escalation and command and control beaconing.More
Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More
Story image
Kaspersky ranked number one in channel partner satisfaction
“Being recognised for the second consecutive year as the number one cybersecurity vendor for channel satisfaction, reflects the investment we have made in the Kaspersky United partner program over the past two years."More
Story image
Essential tools for managing user identity and how they impact your bottom line
Customer identity and access management (CIAM) is how companies give their end-users access to their digital properties, as well as how they govern, collect, analyse, and securely store data for those users.More
Story image
Vulnerability disclosures back to expected rates despite COVID disruption
The total number of vulnerabilities in 2020 is on track to exceed 2019.More