Following the news that the Mirai botnet has once again evolved to make a Windows botnet, Alex Mathews, Lead Security Evangelist at Positive Technologies commented below.
Alex Mathews, Lead Security Evangelist at Positive Technologies:
“There was never any doubt amongst the security industry that the Mirai botnet would evolve to inlcud other types of devices.
“More dangerous versions of Mirai botnet will appear as malware authors discover and use serious, previously unknown vulnerabilities (zero-days) in devices’ firmware. If that happens, there will be very little users can do to protect themselves – there were numerous reports of such vulnerabilities in recent years.
“In 2013, Positive Technologies experts detected several critical DVR vulnerabilities that allow attackers to access DVRs remotely and recruit them to botnets: the vulnerable firmware, including Samsung Web Viewer, was used in many DVRs sold under dozens of brands worldwide. Another notable example was a debugging backdoor in Sony Ipela Engine IP cameras, found last November by SEC Consult experts: while these web-cameras didn’t officially have Telnet access they could be unlocked due to passwords hardcoded in the firmware.
“We fully expect there to be more botnets in the coming months and years based on similar vulnerabilities.”