An IoT botnet is a collection of compromised IoT devices such as routers, cameras, wearables and other embedded technology that is infected with malware. It permits an attacker to hold them and carry out tasks just like a traditional PC botnet. They have been behind some of the most damaging cyberattacks versus organizations around the globe, including hospitals, national transport links, communication companies, and political movements.
Indicator of compromise
Currently, we got a list of the suspicious domain, please use them to detect Mirai botnet
Recent trends:
Very recently, malware researcher spotted the Mirai botnet sale in the dark web. Please refer the following snapshot of the sale in the dark web.
This sale is a wake-up call for organization around the world to combat against Mirai Botnet. If the sale is high then it will be disastrous due to the range of attack.
Post made by
newWorld
NOTE: Please keep up the general advice to be followed:
Indicator of compromise
Currently, we got a list of the suspicious domain, please use them to detect Mirai botnet
- godnet[.]godnigga[.]eu
- nexusaquariums[.]ir
- miraibotnet[.]cf
- power4you[.]ddns[.]net
- serversrus[.]club
- santasbigcandycane[.]cx
- network[.]bigbotpein[.]com
- proxy[.]bigbotpein[.]com
- cnc[.]smokemethallday[.]tk
- report[.]smokemethallday[.]tk
- misaboatnet[.]pw
- snicker[.]ir
- dopeassnet[.]tk
- scan[.]snowondex[.]org
- back[.]uu8889[.]com
- rpt[.]uu8889[.]com
- 165[.]227[.]220[.]202
- thonder[.]club
- flapik[.]pro
- blueandsausesfries[.]us
- smithre[.]top
- bursts[.]pro
- nnn[.]shenron[.]pw
- rrr[.]shenron[.]pw
- zetastress[.]net
- scan[.]snowondex[.]net
Recent trends:
Very recently, malware researcher spotted the Mirai botnet sale in the dark web. Please refer the following snapshot of the sale in the dark web.
 |
| MIRAI SALE IN DARK WEB |
Post made by
newWorld
NOTE: Please keep up the general advice to be followed:
- Change the default OEM credentials and ensure that passwords meet the minimum complexity.
- Disable Universal Plug and Play (UPnP) unless absolutely necessary. Implement account lockout policies to reduce the risk of brute forcing attacks.
- Telnet and SSH should be disabled on the device if there is no requirement of remote management.
- Configure VPN and SSH to access device if remote access is required.
- Configure certificate-based authentication for telnet client for remote management of devices.
No comments:
Post a Comment