Mirai Botnet-Driven DDoS Attacks: A Growing Threat

A fresh wave of distributed denial-of-service (DDoS) attacks worldwide has been attributed to two separate spinoffs of the infamous Mirai botnet, researchers have found. One is exploiting specific vulnerabilities in Internet of Things (IoT) devices to build "expansive" botnets, while the other has been hitting organizations in North America, Europe, and Asia with DDoS attacks since the end of 2024.

Murdoc_Botnet: A New DDoS Threat

An ongoing operation within the Mirai botnet, dubbed "Murdoc_Botnet" (which began in July and has more than 1,300 active IPs), is targeting Avtech cameras and Huawei HG532 routers. Researchers from Qualys revealed this information, highlighting the growing threat posed by this new DDoS botnet.

Mitigation Strategies for DDoS Attacks

To combat these attacks, organizations are advised to take the following precautions:

  • Regularly monitor suspicious processes, events, and network traffic spawned by the execution of any untrusted binary/scripts.
  • Exercise caution when executing shell scripts from unknown and untrusted sources.

Trend Micro analysts recommended different mitigation efforts for the two types of DDoS attacks they observed. For attacks that flood the network with packets, the researchers recommended:

  • Using a firewall or router to block specific IP addresses or protocols and restrict traffic.
  • Collaborating with communication service providers to filter DDoS traffic at the backbone or edge of the network.
  • Strengthening router hardware to increase the number of packets that can be processed.

For attacks that exhaust resources by establishing a large number of sessions, Trend Micro recommended:

  • Limiting the number of requests that can be sent by a specific IP address within a certain period of time.
  • Using third-party services to separate attack traffic and process clean traffic.
  • Performing real-time monitoring and blocking IP addresses with a high number of connections, among other mitigations and preventions.
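The two session-exhaustion mitigations above (limiting how many requests a single source IP may send within a time window, and flagging addresses that hold an unusually high number of connections) as a worked example. This is added illustration code, not from the Trend Micro or Qualys reports; the log format, addresses and thresholds are constructed.

```python
from collections import defaultdict, deque

# Constructed sample connection log: "<epoch_seconds> <source_ip> <open|close>".
# 203.0.113.7 behaves like a session-exhaustion source; 198.51.100.2 is benign.
SAMPLE_LOG = """\
1000 203.0.113.7 open
1000 203.0.113.7 open
1001 203.0.113.7 open
1001 198.51.100.2 open
1002 203.0.113.7 open
1002 203.0.113.7 open
1003 198.51.100.2 open
1003 198.51.100.2 close
1010 198.51.100.2 open
1020 203.0.113.7 open
"""


class PerSourceRateLimiter:
    """Sliding-window limiter: at most `limit` requests per source per `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.hits = defaultdict(deque)  # source IP -> timestamps of accepted requests

    def allow(self, src, ts):
        q = self.hits[src]
        while q and ts - q[0] >= self.window:  # drop timestamps that aged out
            q.popleft()
        if len(q) >= self.limit:
            return False  # over the per-source rate: reject this request
        q.append(ts)
        return True


def replay(log, limit=4, window=10, conn_threshold=3):
    """Replay a log; return (rejected counts, open connections, IPs to block)."""
    limiter = PerSourceRateLimiter(limit, window)
    open_conns, rejected, flagged = defaultdict(int), defaultdict(int), set()
    for line in log.splitlines():
        ts, src, event = line.split()
        if event == "close":
            open_conns[src] = max(0, open_conns[src] - 1)
            continue
        if not limiter.allow(src, int(ts)):
            rejected[src] += 1
            continue
        open_conns[src] += 1
        if open_conns[src] > conn_threshold:  # too many concurrent sessions
            flagged.add(src)
    return dict(rejected), dict(open_conns), flagged
```

With the constructed thresholds, 203.0.113.7 has one request rejected by the rate limiter and is flagged for blocking once it holds more than three open sessions, while 198.51.100.2 passes untouched.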