Deux hackers permettent de louer l’accès à leur botnet de type Mirai pour DDOS. Il asservirait, selon eux, plus de 400 000 machines infectées prêtes à générer des attaques en déni de service DDoS aux ordres du prochain client. Un bon post sur les arcanes de ces attaques DDoS de Catalin Cimpanu sur le bleepingcomputer.com
You Can Now Rent a Mirai Botnet of 400,000 Bots | sur BleepingComputer
Two hackers are renting access to a massive Mirai botnet, which they claim has more than 400,000 infected bots, ready to carry out DDoS attacks at anyone’s behest.
For our readers unfamiliar with Mirai, this is a malware family that targets embedded systems and Internet of Things (IoT) devices and has been used in the past two months to launch the largest DDoS attacks known to date.
Previous high-profile victims included French Internet service provider OVH (1.1 Tbps), managed DNS service provider Dyn (size unknown), and the personal blog of investigative journalist Brian Krebs (620 Gbps), who at the time, had just recently uncovered an Israeli DDoS-for-Hire service called vDos.
400K botnet spawned from original Mirai source code
After the OVH and Krebs DDoS attacks, the creator of this malware open-sourced Mirai, so other crooks could deploy their own botnets and cover some of the malware creator’s tracks.
According to a Flashpoint report, this is exactly what happened, with multiple Mirai botnets popping up all over the web, as small-time crooks tried to set up their personal DDoS cannons.
Two security researchers that go online only by their nicknames, 2sec4u and MalwareTech, have been tracking some of these Mirai-based botnets via the @MiraiAttacks Twitter account and the MalwareTech Botnet Tracker.
The two say that most of the Mirai botnets they follow are relatively small in size, but there is one much much bigger than most…