Integrators - Any Client Concerns About Mirai?

Just had my first enterprise customer ask about the Mirai botnet attacks and whether they need to change the products they are looking at purchasing. We don't sell low-cost products (well, not very often) and secure our networks thoroughly if any portion is exposed online. It made for an easy question to answer. Anyone else getting any questions?

** ****** * ****-**** ** *** ***** ******** ***** * reasonable ********** ** ********. **'** **** ***** ** **** **** our "****-****" ****** ******* **'* ******* *********'* ********... ****** ***** rather ****** ** ** *****...

*******, ** **** ** ** *** **** ** **** "********" in **** ********... ** **'** ***** ** ******** ** ** the ***** *****.

*** *** *** *** ***********!!! *** *** ****** ** ************.

* ***'* **********, *** **** ***** ******** ******* **** ** vulnerable ** *****?

**** ****'*.

**** *** **** ********* *** ** **** **** ****** * statement ** *** ******* **** **** ********* *** ********* ** some ** *** ******* ** *****. ** *** ***** *** and ******* ******* ****** ** *** ******* *** ****** **** a ******** ********* ** ******* ***** **** ** *********** *** proactively. ** *** ******* **** * *** **** **** ***** if ******** *** ** ****** ******** ******** *** ********** *******.

** **** **** *********. ********, *** ************* ** *** **** port **********, *** **** ****** ********* **** *** ** *** same ****** ** *** ***** ** *** ****** ***** **** iot ******* *** *******. *** ** ***** ** * "***** this ****" **** ** ************ ****. *** *** ****** ********, but *** ******* ** ***** ***** **** * ********* ****** update **** *** ****** *** ********** ***************. ** ****** ******* passwords *** ***********, *** ** *** ******* **** ******** **** door *********** ********** *** **** ****** *****.

** *** ****** **** ********** ******* *** ******** ********* **** are * *******. **** ******* **** ******** *-* ***** ***. A ****** ** **** ********* *** ******** ******** ************* ***** be *** ******** *** *** ****** ****** **** ** ********* on *** ****** *** ****** ******* *** *** ****** ** the *******. ***** *** ***** * *** *******, ***** **** Dahua, ** *** ********** *******.

**** ***** ** **** *** ***** ** ** ***** ** direct **** ********** ** *** ****** ** *** ******* **********. Come ** **** * ********** **** *** **** ******* ** notify ********* *** ******* ****. **** ******* *** ** ******* infected ******* **** *********. ******* **** ******** **** *** ******** activity. **** ** ****** **** *** ****** ** ***** ******* than *** *** ******.

********, *** ************* ** *** **** **** **********, *** **** client ********* **** *** ** *** **** ****** ** *** route ** *** ****** ***** **** *** ******* *** *******. All ** ***** ** * "***** **** ****" **** ** ************ ****...

****, ***** *** *** ******* **** ****? *'* *** ***** of ***** ********* **** ** ***** ********** *******.

****** *** **** **** *** **** ******** *** ****** *** with **** ****** ***** ***** *** ********* *** **** ******* to ***** *** ***** **** *** ******** ****.

***** ***** **** **** ****** ** ****-********** ***** **-*****.

*** **** *****, *** **** ** ***** ******** ** ******. It ** ***** **** ***** *** ******** **** ************* **** as ****, *******, *******, ****, *****, *******, *****, *******, *** vivotek. ******* *** ***** ************* *** **** ** ******** **** of *** ************. ****, * *** ******* ** ********** **. If ***** ** ***** ************* **** ***** ********* ***************, **** better ***** ** **** * "*** ** *****" **** ****. I *** **** *** ******* ***** ******** **** *** ******* were ** ****. ********* ** *** **** ******* **** **** a ***** ** *** ****** *** ******** * ******* ******* to *************, *** ******** ********* *** ** ***** ******** *************** the **** ****** ** ***** *** ***** ****** **** ****** them, ** **** ** *** *********** **** **** ****.

*** **, *************. *** ****** ** *** ****.

**** **** * **** **********, ** ***, *** ***** ****** also ******* **** ***, ****** ******* **** ******* (*****, ************, etc). **** **** ******, *** ** **** **** *** ********** network *** *** ******* (*******, ***********, ***) ** *** "***" list. * ** *** * ******, *** * ****** **** once *** ******** ** ********, **** * ******* *********** **** embeds **** ** ***** ***** **** *******, ****** ******* ** commands *** ** ********. ** ********** **** ** **** *** chance **** **** ***** *** **** ***** ** ********* ** our ****. ******* *** **** ** *** ********* *********** ** the ****** *** **** *** ******* *** *** "**** ****" to ********** *******, **** **** ***. * *** *** ******* that *** ** *** ******** ** ********* ** ******** ******* are ******** ****** ********* ** *** ********** ** *** ******* as ***. * **** ********* ********* ** ** *******, *** have ***** **** ** ******** ** ******* ***** * ***** do * ******** *** **** ******* (***** ******** ******). *****, if **** **** *****, **** ****** **** ****** **** *** LAN ** *** ***** *******.

-------------------

*** *******, ****** “*****,” ******* ** ********** ******* ** ************ scanning *** ******** *** *** ******* ********* ** ******* ******* or ****-***** ********* *** *********. ** *** ****** *** ** silently *** ***** *** *********** **** ** ********, ** *******, login *******, ****** **** ******, ***** **** ******, *** ******, phone ****** *** **** *** ******* *******. **** ******** **** very **** ** **** ** ******** *****. *** ***** ******* continuously ***** *** ******** *** ********** *** *******, ** *** purpose ** ******** *** **** ** ****** *******. ** *** ability ** **** ** ****** ******* ********* *** ********* ** order ** **** *** ********** *******. ******* **** *** ******* are *** ******* *** **** *******. ** **** ****** *** bot ** ****** ******** ** ********* ** *******. *** ******* of Mirai ****** claimed around 380,000 IoT devices were enslaved by the Mirai malware in the attack on Krebs’ website. Its features are segmented command-and-control, which allows the botnet to launch simultaneous DDoS attacks. So, it is very important to get rid of Mirai ****** from the PC as soon as possible.

**** **** * **** **********, ** ***, *** ***** ****** also ******* **** ***

*** *** **** **** ***** ** ********** **** ******* ****? From ********** * **** **** ***** *****, ** **** *** infect ** ******* *** ** *** ***.

**** ** ******* *** *********** ******** ** *** ****** **** ** *** post. *** ** ******* ******* ******** *****, ** ********* ** their **** ********* ** *** ***** ** ***** ****** **** buying ***** *******.

*** ******* ** *** ****** ****, ***** ** ** ******** it ***** **** ***.

*** **** ***** ****-********* ** *** *** *******. ** ******* that *** *** ********** "*****" *** ******** *** ******-**-**** ** and **** ** **** ****** ****** ******** ** *** ****** to ******** ***** *******.

**** **** * **** ****, ***** ********* ***-******** ******** **** run *** ****** ********, ***** **** **** **** *** ******** for ******* ***** *********, * ** *** ****** ****** *** pre-compiled ** *** ** *****/*******, *** ***** ***** ** * newer ****** *** ***** ***.

**** **** * **** **********, ** ***, *** ***** ****** also ******* **** ***...

**** ***** **'* ******* * ****** ****** **** ******* ****** user/pass *********** *** **** ** *********. ***** * ******* ** pretty ***.

**** **** ******, *** ** **** **** *** ********** ******* for *** ******* (*******, ***********, ***) ** *** "***" ****.

********, ** *** **** ** *** ***** ****** ****,** ********* ** **** *** ****** ** ******, *** *** software ******** ******* ** ********* *** ****** ********** **** ******** networks (***.***.*.* *** *******), ******* ********* (******* *******, **), *** US ****** *******, *** *** ********** ** *******.

*** ********* ******* ** ***** **** ******* * ****** ** to ****, ********* ******* ******:

*****,

***** **** **** ******* ** ****** ****** ******* ********* *** code ** *****. ** *** ******* ** ** *** ******** that *** ** ***** ******* *** *** ** ********** **** infected *** ** *** ** * ********* ******* *** ******* to **********? ** * *** * ******, ******** *** ********* from *** ****** ***** ** *** **** **** **** ****, as ******** **.** ******* ** ********** ******* ****** *****, ******* upnp, ***, ** ****** ******** ******.

* **** ** ***** ** *** **** ****/*** ******, *** what **/***, *** ** ** ******* ** **/****. * ** just ******** ***** *** ** *** "***".

****, * *** **** ****** ******* ******* ************* ** ***** routers. *** **** *******/**** ****** ******/******* *** ** ****, ****. Most * **** **** ******* *** ************* ******* ***********. ***** are **** ******** ** ***** *** *****, ** ******* ******, most **** ******* ***********.

*'* **** **** ****** ** ****** **** ********** ***** **** could ** **** **** *****, *** * **** *** **** any ******** ********* ** ** ********* ***, ** *** ***** used ** **** ******** ****. **** ** *** * ***** you *** *****/********** ******* **** *** *** ******* ** * thought *** *** **** ****** **** ******** ******** ** ** having **** ****, *** *** **** ********.

* ***** **** ******** **** *** ****** ** * *** could **** ** **** *** ******* **** **** ******* ** connect *** ** **** *******, *** *** *** ********* ******** from *** ********. *** ** *** * **** *** ***** of **** *********.

*** *** ******* **** ******* **** ****** **** *** * path ** *** *** ** *** ******** **** * ****** of ****** ************ *** ****** ** ******* ***********. **** ** the ***** ******** ** *******, ** ** ***** ******** ** run * ********** ****** *** **** *** ********, ***** ** why ****** ***** ** ** ******** ** ***** *******, *** just *** ********* ********* ** ****** ******** *****.

* **** ** ***** ** *** **** ****/*** ******, *** what **/***, *** ** ** ******* ** **/****. * ** just ******** ***** *** ** *** "***".

******, ****? ***** ********** *** **** **** *****, ********** ** how *** *** ********.

********, *** ************* ** *** **** **** **********, *** **** client ********* **** *** ** *** **** ****** ** *** route ** *** ****** ***** **** *** ******* *** *******. All ** ***** ** * "***** **** ****" **** ** unsuspecting ****...

**** ***** ** **** *** ***** ** ** ***** ** direct **** ********** ** *** ****** ** *** ******* **********.

(** * *** ******** ******** ** *** ********* ** ******).

"********, **** *** *** ******** **** **** *** *****, * have * **** *** ***. *** **** *** ***** ******** computers ** *******, *** ****, *** **** **** *** * year ******* ****** ** *** ***** ********. ****** *** ** put *** "**** ******** ****** ***** ******" **** ** *** Longse **** ****. * **** *** *** *** ***** **** Comrade ******. ** ***** **** ** ** ****** **** ******* code * **** **** ********* *** **** ****, ****, *** set ** ** ****** **** ****** *****, **** * ****** activation **** *** *** ********** ** ******* **** *****".

* *** * ****** ***** ** ** *****. ** *** the **** ** *** ** ****. ** *** ******* ***** locking **** *** ******** **** **** **** ** ** ****. I **** *** *** ******** ****** *** **** *** ******** network. **** **** * ***** ******** ******* **** ***** ** a *** **. ** **** **** **** **** ***** *** cameras **** **** ******** ********* *** ******* *********, ** *** risk ** *******. **** **** ******* ******* *** ******* **** the ********, ** **** **********. ** *** ******* ********* *** SMB ****** **** **** ***** **** ** ******** *** ******. Lots ** ********* ******* **** *** ***** **** ******** ** individual ***** ** ******* *** ********.