Forum Discussion
Mirai Botnet
- 4 years ago
Good morning folks,
Thanks for the discussion! Just wanted to let you know that Arcadyan is addressing this matter and we are in touch with them. You'll hear from us on further updates.
Your patience and understanding are much appreciated.
Thanks,
Liz
Edit:
In the meantime, wouldn't hurt to do an overall security check of your devices. Google periodically reminds me to review my security settings, would be good to apply the same to everything else. Here are some tips.
I am going to go out on a limb, and say that unless you have Static IP enabled on your account (Only SME accounts can do that, residential can't), then you should be OK for the time being, as no one can remotely access your terminals. Those that do have an SME account with Static IP, could very well become impacted.
Hmm, not sure why I posted under this account... -C0RR0SIVE
For those that are curious about what it is and what it does this is pretty comrehensive: What is the Mirai Botnet?
I suspect that hackers trying to deploy this incrementally scan IPs looking for IoT devices via /HNAP1 or /thinkphp or /TP/public/index.php signatures. Once a target is found, they attempt to use default passwords to get control of it.
As chuckyofterror (er, @C0RR0SIVE) mentioned, they cannot even get to the HN2000W modem on standard residential networks because of the double-NAT that's in-place. That is not the case with Business accounts with static IPs, which are accessible from the outside.
Related Content
- 6 years ago
- 6 years ago
- 5 years ago