Mirai Botnet

Malware updated 2 months ago (2024-10-01T20:01:07.602Z)
The Mirai botnet, a type of malware, is known for its ability to exploit vulnerabilities in various devices and systems. Mirai operates by infecting systems without the user's knowledge, often through suspicious downloads, emails, or websites. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage. This malicious software has been particularly disruptive due to its adaptability and range of targets. Since March 2023, there have been reports of a variant of the Mirai botnet spreading by targeting flaws in D-Link, Zyxel, and Netgear devices, including CVE-2023-25280. Additionally, an instance of the Corona Mirai botnet has been observed spreading via an AVTECH CCTV zero-day and multiple previously known vulnerabilities. Recent evidence suggests that attackers are experimenting with new vulnerabilities, possibly integrating them into variants of the Mirai botnet. Moreover, the Mirai botnet has also been found to spread through the exploitation of Ivanti Connect Secure bugs. Despite these activities, detections of the Mirai botnet family dropped by 9% QoQ in Hong Kong in Q1 2022. However, the overall threat posed by the Mirai botnet remains significant as it continues to evolve and find new avenues for infection and disruption.
Description last updated: 2024-10-01T19:16:01.950Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| Alias Description | Votes |
| --- | --- |
| Gafgyt is a possible alias for Mirai Botnet. Gafgyt, also known as Bashlite, is a type of malware that targets Linux architecture operating systems with the primary intent to launch distributed denial of service (DDoS) attacks. This malicious software infiltrates systems often through suspicious downloads, emails, or websites, and upon entry, | 3 |
| Moobot is a possible alias for Mirai Botnet. Moobot is a type of malware, or malicious software, designed to exploit and damage computer systems. It can infiltrate these systems via suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold dat | 2 |
| Gafgyt Variant is a possible alias for Mirai Botnet. The Gafgyt variant is a malicious software that poses a significant threat to computer systems and devices. This malware can infiltrate your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, | 2 |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Botnet
Malware
Vulnerability
Linux
Exploit
DDoS
Zero Day
Akamai
Minecraft
DNS
Ransomware
Android
Source
Fortiguard
t1583.005
Associated Malware
| Alias Description | Association Type | Votes |
| --- | --- | --- |
| The Mirai Malware is associated with Mirai Botnet. Mirai, a malware that targets Internet of Things (IoT) devices, was responsible for over 7 million botnet detections in early 2022. This malicious software infiltrates systems often without the user's knowledge and can steal personal information, disrupt operations, or hold data hostage for ransom. | Unspecified | 13 |
Associated Vulnerabilities
| Alias Description | Association Type | Votes |
| --- | --- | --- |
| The CVE-2023-1389 Vulnerability is associated with Mirai Botnet. CVE-2023-1389 is a command injection vulnerability discovered in TP-Link Archer AX21 routers. This flaw in software design or implementation was publicly released in March of the year 2023 and has since been exploited by various malicious actors. Attack traffic through the vulnerable routers has bee | Unspecified | 6 |