Mirai malware was used in attacks on US candidates' sites

The security firm Flashpoint has revealed that the Mirai malware was used in attacks which aimed to take down the sites of candidates ahead of the US presidential election.

Leading up to the US presidential election, hackers did try to take down the campaign sites of Hilary Clinton and Donald Trump using the Mirai malware, ultimately being unsuccessful.

Security firm Flashpoint has revealed that four separate 30-second HTTP Layer 7 attacks were launched against the websites of both opponents between 6-7 November. Due to the fact that more hackers have begun to utilise the Mirai botnet, none of the attacks were able to bring either site offline.

The firm offered more details on how the Mirai botnet has recently become weakened due to the release of its source code, saying: “Flashpoint assesses with moderate confidence that the Mirai botnet has been fractured into smaller, competing botnets due to the release of its source code, which has led to the proliferation of actors exploiting the botnet's devices.”

The source code for the Mirai malware was released in October, which led to it being used in a number of distributed denial of service (DDoS) attacks. The attack that took down the DNS service provider Dyn gained the most attention as Twitter, Amazon, Spotify and other high-profile sites relied on  the company's services to operate online.

Researchers investigating the Mirai malware noted how it has become increasingly difficult for hackers to amass large botnets using connected devices, saying: “This release has caused many hackers to compete with one another for control of IoT devices that remain susceptible to Mirai malware. In order for these hackers to launch large-scale DDoS attacks successfully – outperform competitors who are vying to control the same type of devices.”

“Though not impossible, overcoming this competition is a considerable challenge and so far, the IoT botnet landscape appears to be saturated with too many would-be controllers and not enough new vulnerable devices.”

When the source code for the Mirai malware was released online it appeared as though it would give cybercriminals an edge when it came to launching large-scale DDoS attacks. Now though, the opposite appears to be true as they have all begun to compete for connected devices to aid in their attacks. 

Image Credit: Andriano.cz / Shutterstock

ABOUT THE AUTHOR

Anthony currently resides in South Korea where he teaches and experiences Korean technological advances first hand.