The terrible thing about Mirai is that as long as any IoT device is neglecting to change the account, it may become a hacker, or become a cadre of DDoS attacks, or let the enterprise using the device directly invade and cause confidentiality. Source: Cyber ​​Investigative Services
Undoubtedly, when it comes to the Internet of Things (IoT) or the Internet of Things (IoE), it is a hot topic in recent years, and it has become a business opportunity for manufacturers to rush to attack; but people are enjoying the high-altitude benefits of IoT, and then let Work and life have become more intelligent and convenient, and it seems to bear greater privacy and security threats than ever before.
At the end of last year (2016), a zombie virus named Mirai, which caused a lot of fierce distributed blocking service attacks (DDoS), is undoubtedly a shocking education, so that everyone suddenly wakes up and finally understands that today is shouted The sky-high price of the Internet of Things has turned out to be so weak.
Looking back at Mirai's history, it was first discovered in August last year. It is intended to attack Internet-based devices such as network routers, printers, cameras or digital surveillance video recorders (DVRs) based on Linux firmware. As for specific intrusion techniques, viruses will first Choose a random IP address, and then try to use some of the default management accounts to see if you can log in to the device. Unfortunately, many IoT device vendors and users are too ignorant to follow the default account and password. The situation abounds, so that the Mirai attackers have entered the unmanned environment and successively captured major websites, including Twitter, Paypal, Spotify and other websites.
By 2017, Mirai has optimized its physique, no longer only knows how to use bots and brute force to discover potential victims, but further uses new Windows Trojans to help search for potential targets and expand Mirai zombies. The extent of infection of the virus.
This Windows Trojan will be responsible for scanning the specified IP address according to the instructions of the C&C server. If the target device is successfully invaded, it will immediately check the operating platform used by the device. If it is Linux, it will not directly implant the Mirai virus. If it is Windows, it will copy the Trojan to the device and take over the search for other Linux target devices.
The scary thing is that the Windows Trojan program scans more ports and has a wider variety of ports than the original Linux version. It simply includes all possible ways to infect the device, effectively expanding the range of Mirai activities. Can not help but worry, the user after the shock of education at the end of 2016, Mirai, whether to remedy the situation, and quickly corrected the bad habit of using the default account secret? If not, even if 2016 is not a victim, it is still possible to escape the number with the powerful offensive of the Windows Trojan.
People may not know, there is a search engine called Shodan, which is a super-large catalogue of intelligent Internet of Things IoT devices. As long as any user in the world does not change the default password of the device, it will be included in the statistics of Shodan website. Until now, Taiwan The IoT device that meets the Default Password is constantly maintained at a high level of nearly 10,000 units, ranking first in the world, accounting for more than 10% of the global total, and more than 3,000 units higher than the United States.
Seeing this data, it should be expected that many security experts will be cold and sweaty, and the people’s awareness of the security of the Internet of Things will be so weak. Such “low-level mistakes†may cause us to suffer extremely high security risks.
It is worth mentioning that Insecam, a website that claims to have tens of thousands of webcams, has more than 340 monitors from Taiwan. The most popular among security experts is a certain art store, hacker. Has successfully replaced the store's system, and also posted a red line on the monitor screen, indicating that the store's network camera has been invaded, but a few months have passed, this line of red characters is always on the screen, meaning that the store is The fact that your own camera has been invaded remains unrecognizable. No matter what countermeasures are taken, the security of the Internet of Things is serious. With this example, it can be fully revealed.
Disposable Electronic Atomizer
Disposable Electronic Atomizer,Disposable Atomizer Electronic Cigarette,Disposable Electronic Atomizer Adapter,Disposable Electronic Atomizer Pen
Lensen Electronics Co., Ltd , https://www.lensenvape.com