Skip to main content

The source code for a potent DDoS tool has now been made public

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
In September, cybersecurity journalist Brian Krebs was targeted by a massive DDoS attack that took his website offline. Now, Krebs is reporting that the source code that powered the attack has been publicly distributed on the internet.

Mirai is a piece of malware that preys on Internet of Things devices, specifically those that are being protected by factory default settings, or hard-coded authentication credentials. It continually scans for targets, seeding those that are vulnerable and turning them into bots that can be used to facilitate a DDoS attack.

The Mirai source code was released via a malware message board known as Hackforums, according to a report from Krebs on Security. The user responsible for the post states a desire to move on from staging attacks on IoT hardware, but Krebs believes that the real motivation behind this release is less altruistic.

The high-profile nature of the attack on Krebs’ site has likely prompted a new wave of investigations into Mirai and its authors. Krebs argues that the culprit is likely to be circulating the source code to make it more difficult for law enforcement to trace this particular strain of malware back to its origin.

The good news is that IoT devices infected by Mirai can be recovered via a simple reboot — the bad news is that scanning for new targets is thought to be so prevalent, that the hardware could be infected once again in a matter of minutes. As such, the advice is to change the default password, putting the device outside of Mirai’s reach.

Referencing a Gartner forecast that predicts that 6.4 billion IoT devices will be in use worldwide this year, Krebs warns of a “dawning IoT nightmare” if security standards aren’t tightened. Given the amount of hardware out in the wild, and the fact that Mirai is now freely available, it’s easy to see where his concerns are coming from.

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Hackers just launched the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

The largest ​​HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

Cloudflare, which specializes in DDoS mitigation, announced that it successfully prevented the record-breaking onslaught before it could inflict any real damage.

Read more
Cloudflare just stopped one of the largest DDoS attacks ever
Hands on a laptop.

Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.

The HTTPS DDoS attack was one of the largest such attacks ever recorded, and it came from unusual sources -- data centers.

Read more
Microsoft stopped the largest DDoS attack ever reported
Nvidia T4 Enterprise Server Wall

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps.) The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Read more