The researchers first discovered this new strain earlier this year and now it is being used in a new IoT botnet targeting smart signage TVs and wireless presentation systems.
The authors of the botnet have spent a great deal of time upgrading older versions of the Mirai malware with new exploits and according to Palo Alto Networks, this new Mirai botnet uses 27 exploits with 11 that are completely new to Mirai altogether.
Mirai’s built-in list of default credentials has also been expanded by the botnet operator to allow the malware to more easily gain access to devices that use default passwords. In total, four new username and password combinations have been added according to a new report from Palo Alto Network’s Unit 42.
This new Mirai botnet is intended to infect IoT devices with exposed Telnet ports through the use of default credentials which many hardware makers continue to leave unchanged despite the security risks they pose.
While previous botnets using the Mirai malware have targeted routers, modems, security cameras and DVRs, the latest one is intentionally targeting smart signage TVs and wireless presentation systems, specifically LG’s Supersign TVs and the WePresent WiPG-1000 wireless presentation system.
Both of these exploits have been available online for some time but this is the first instance researchers have seen of them being weaponized.
To avoid having your devices fall victim to the Mirai botnet, it is recommended that you only use devices from trusted manufacturers and immediately change the default passwords on those devices.
Good news, bike riders: There’s a new helmet on the market that’s not only sleek and lightweight but proven to help protect you from getting a concussion far better than the standard foam helmets. That’s according to Trek, which on Tuesday introduced the Bontrager WaveCel helmet, calling WaveCel “a major innovation in a category that...
US Transportation Secretary Elaine Chao announced on Tuesday that her department is requesting an audit on how the Boeing 737 Max was certified by the Federal Aviation Administration to enter service. “This is to confirm my request that the Office of Inspector General proceed with an audit to compile an objective and detailed factual history...