Researchers say the latest Mirai builds are like the others, with one significant difference

The Mirai botnet hasn’t gone away. You don’t hear about it much, but the code has been constantly updated and maintained. Recently, Symantec’s Dinesh Venkatesan discovered a command and control (C&C) server hosting various types of malware, each one targeting a specific platform.

In October of 2016, the Mirai botnet was used in attacks against Dyn Inc., knocking out internet service to most of the east coast in the United States. It was later determined that a variant of Mirai was used in the Dyn Inc. attack; it wasn’t the same set of Mirai bots used to target OVH and Brian Krebs the month prior.

The Mirai botnet source code was released to the public shortly before the Dyn Inc. attack, leading copycats to create botnets of their own, a practice that has continued to this day.

“One of the major pain points for a cross platform IoT botnet is portability. The malware must be able to run on different architectures and platforms in a self-contained capsule without any run-time surprises or misconfiguration,” Venkatesan wrote in a blog post.

To overcome this pain, someone has turned to Aboriginal Linux in order to increase the reach of Mirai.

By using the open-source project, the Mirai controllers are able to easily cross-compile binaries, making the botnet compatible with multiple architectures and executable on a number of devices, including routers, IP cameras, Android, and other connected devices.
It isn’t the first time criminals have opted to use a legitimate tool for their dirty work, and it won’t be the last.

Venkatesan said that, when tested, the malware attempted to scan 500,000 IP addresses using the random generation process that Mirai is known for.

Symantec urges IoT developers and administrators to take care and remember to audit the devices on their network, and to remove default passwords and settings.

In addition, Symantec stressed limiting access to non-essential functions and features, disabling UPnP (Universal Plug and Play) on routers unless “absolutely necessary,” and disabling Telnet in favor of SSH.

Consumers should use wired over wireless connections, should research the capabilities and security features of any IoT device before purchasing, and should pay close attention to the manufacturer for firmware releases.
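On a defender's network, the random-address scanning described above shows up as one internal device opening Telnet connections to many different outside addresses in a short time. The sketch below is an added example, not code from Symantec or the article; the flow-record format, the Telnet ports 23 and 2323, the RFC 1918 ranges, the thresholds and every sample record are assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions (not from the article): Telnet probes target TCP 23 and 2323,
# internal devices sit in RFC 1918 space, flow lines are "epoch src dst dport".
TELNET_PORTS = {23, 2323}
INTERNAL = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    return any(addr in net for net in INTERNAL)

def parse_flows(text):
    """Yield (ts, src, dst, dport) tuples, skipping malformed lines."""
    for line in text.splitlines():
        try:
            ts, src, dst, dport = line.split()
            yield int(ts), ip_address(src), ip_address(dst), int(dport)
        except ValueError:
            continue

def find_telnet_scanners(flows, window=60, min_targets=20):
    """Map each internal source to its peak count of distinct external Telnet
    targets inside any `window`-second span, keeping only sources at or above
    `min_targets`."""
    hits = defaultdict(list)
    for ts, src, dst, dport in flows:
        if dport in TELNET_PORTS and is_internal(src) and not is_internal(dst):
            hits[src].append((ts, dst))
    flagged = {}
    for src, events in hits.items():
        events.sort(key=lambda e: e[0])
        start = peak = 0
        for end, (ts, _) in enumerate(events):
            while ts - events[start][0] >= window:
                start += 1
            peak = max(peak, len({dst for _, dst in events[start:end + 1]}))
        if peak >= min_targets:
            flagged[str(src)] = peak
    return flagged

def build_sample():
    """Constructed flow log (documentation-range destinations, made-up hosts)."""
    lines = [f"{1000 + i} 192.168.1.50 203.0.113.{i + 1} {2323 if i % 5 == 0 else 23}"
             for i in range(30)]                                   # camera sweeping Telnet
    lines += [f"{1000 + i} 192.168.1.10 198.51.100.5 23" for i in range(25)]   # one admin target
    lines += [f"{1000 + i} 192.168.1.20 203.0.113.{i + 1} 443" for i in range(40)]  # HTTPS only
    lines += [f"{1000 + 600 * i} 192.168.1.77 198.51.100.{i + 1} 23" for i in range(25)]  # slow
    lines.append("truncated record")
    return "\n".join(lines)

if __name__ == "__main__":
    print(find_telnet_scanners(parse_flows(build_sample())))
```

A device flagged this way is a candidate for the audit the article recommends: check it for default credentials and an exposed Telnet service.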