New Mirai Variant Targets Enterprise Linux Servers For Powerful DDoS Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Nov 28, 2018 06:30 am PST

It has been reported that two years after the chaotic Mirai botnet blocked access to major websites using hacked consumer routers and other IoT devices, a new variant is taking aim at x86 Linux servers in the enterprise.

Sean Newman, Director Protect Management, Corero Network Security explains the attack.

Sean Newman, Director Protect Management at Corero Network Security:

Sean Newman 1“Although smaller damaging attacks are happening all the time, we haven’t seen a significant sized DDoS attack since Memcached back in February this year.  This has mainly been attributed to the rise in popularity of cryptocurrency mining, as a more immediately profitable use of hijacked CPU resource, but you just knew it would only be a matter of time before the next potential source of large-scale DDoS attacks came out of the shadows.  DDoS is just too lucrative for the cyber criminals, either directly, or renting it out as a service, for this to go away any time soon, if at all.

With this latest vector leveraging exposed servers, as was also the case with Memcached, it may suggest a trend away from relying on the easy to compromise, but low powered, IoT devices that were famously brought into the limelight by the Mirai botnet.  However, whatever the source of the attacks, this continues to reinforce the importance of having dedicated DDoS protection in place, as part of a comprehensive layered defense strategy.”