Categories: Social Media

Internet Connected Gadgets Blamed For Friday Malware Attack

A Chinese electronics component manufacturer says its products inadvertently played a role in a massive Friday malware attack that disrupted major internet sites in the U.S. on Friday. Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.

According to security researchers, malware known as Mirai has been taking advantage of these vulnerabilities by infecting the devices and using them to launch huge distributed denial-of-service attacks, including Friday’s outage.“Mirai is a huge disaster for the Internet of Things,” Xiongmai said in an email to IDG News Service. “We have to admit that our products also suffered from hacker’s break-in and illegal use.”

Mirai works by enslaving IoT devices to form a massive connected network. The devices are then used to deluge websites with requests, overloading the sites and effectively taking them offline.

Because these devices have weak default passwords and are easy to infect, Mirai has been found spreading to at least 500,000 devices, according to internet backbone provider Level 3 Communications.

Xiongmai says it patched the flaws with its products in September 2015 and its devices now ask the customer to change the default password when used for the first time. But products running older versions of the firmware are still vulnerable.

To stop the Mirai malware, Xiongmai is advising customers to update their product’s firmware and change the default usernames and passwords to them. Customers can also disconnect the products from the internet.

Botnets created from the Mirai malware were at least partly responsible for Friday’s massive internet disruption, according to Dyn, the DNS service provider targeted in the assault.

“We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack,” Dyn said in a statement.

The DDOS attack, which flooded sites with an overwhelming amount of internet traffic, slowed and stopped access to Twitter, Spotify, PayPal, and many more services.

Although Dyn managed to fend off the disruption and restore access to its service, Mirai-powered botnets could easily strike again. Earlier this month, the unknown developer of the Mirai malware released its source code to the hacker community. Security firms have already noticed copycat hackers using it.

The Mirai malware also appears to target products from other IoT vendors that use weak default passwords in their devices. Security experts have noticed the malware tries a list of more than 60 combinations of user names and passwords.

Last month, a Mirai-powered botnet also briefly took down the website of cybersecurity reporter Brian Krebs by delivering 665 Gbps of traffic, making it one of the largest recorded DDOS attacks in history.

Sameer
Sameer is a writer, entrepreneur and investor. He is passionate about inspiring entrepreneurs and women in business, telling great startup stories, providing readers with actionable insights on startup fundraising, startup marketing and startup non-obviousnesses and generally ranting on things that he thinks should be ranting about all while hoping to impress upon them to bet on themselves (as entrepreneurs) and bet on others (as investors or potential board members or executives or managers) who are really betting on themselves but need the motivation of someone else’s endorsement to get there.

Recent Posts

How Eddie Gravalese is Redefining Business Consulting in 2025

In 2025, consulting sits at a crossroads: AI is everywhere, capital is tighter, and communities expect more from the businesses…

8 hours ago

DroidKit Latest Review: The Ultimate Android Toolkit for Unlocking and Data Recovery

Looking for a reliable solution to unlock your Android, recover lost data, or fix system issues? DroidKit by iMobie is…

11 hours ago

Ford Everest 2025: A Look at the 7-Seater SUV in the UAE

Big families, road trips and desert weekends, the Ford Everest 2025 seems built exactly for the UAE lifestyle. With its…

11 hours ago

Step-by-Step Guide to Claim MyJudi96 Free Credit RM10 No Deposit Bonus

In 2025, Malaysian online casino players are spoiled for choice when it comes to free credit offers. But among all…

14 hours ago

668Duit Casino Promotions 2025: Free Credit, Reload Bonuses & More

Introduction: In 2025, Malaysian online casino players will have more choices than ever when it comes to exciting platforms and…

14 hours ago

CO2 Heat Pumps: A Sustainable Path to Reduced Operational Emissions

Industrial heating is a major contributor to global greenhouse gas emissions, making the shift toward decarbonization more critical than ever.…

14 hours ago