March 20, 2019 By David Bisson 2 min read

Researchers spotted a new Mirai variant targeting presentation systems and display devices commonly used by businesses.

Palo Alto Networks first observed the new variant in January 2019. The researchers quickly noted that the version of the infamous internet of things (IoT)/Linux botnet wasn’t just capable of targeting common IoT devices such as routers, IP cameras and network storage devices; it also came equipped with exploits for both WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. Enterprises are the primary users of these technologies, which could signify that Mirai is adjusting its range of targets to include businesses.

Of the 27 exploits that came with this latest Mirai variant, 11 were new. The campaign used the compromised website of a Colombian business specializing in “electronic security, integration and alarm monitoring” to host its malicious payload.

The Latest Marai Variant to Hit the Botnet Scene

This is just the latest in a long string of Mirai variants to emerge in recent years. In March 2017, Imperva discovered a new version that had improved its ability to launch application-layer distributed denial-of-service (DDoS) attacks. Less than a year later, Infosecurity Magazine reported on the birth of Okiru, a Mirai member known for targeting ARC processors.

In the next six months, a cybercriminal released a link with the source code for seven new Mirai variants, as shared by Avast. Symantec spotted a version of the malware leveraging an open-source project as part of its attack campaigns a month later.

Strengthen Your Password Management and Incident Response

Security professionals should set up password managers to store strong, complex passwords for all corporate devices, including IoT assets. This should be part of a broader policy-based approach to password management across the organization. Lastly, security leaders should create an incident response team to help patch vulnerable IoT devices and disclose any security events involving those products should they occur.

More from

Poland spending $760 million on cybersecurity after attack

3 min read - Visitors to the Polish Press Agency (PAP) website on May 31 at 2 p.m. Polish time were met with an unusual message. Instead of the typical daily news, the state-run newspaper had supposedly published a story announcing that a partial mobilization, which means calling up specific people to serve in the armed forces, was ordered by Polish Prime Minister Donald Tusk beginning on July 1, 2024. Deputy Prime Minister Krzysztof Gawkowski refuted the claim on X (formerly Twitter). His post…

How generative AI Is expanding the insider threat attack surface

3 min read - As the adoption of generative AI (GenAI) soars, so too does the risk of insider threats. This puts even more pressure on businesses to rethink security and confidentiality policies.In just a few years, artificial intelligence (AI) has radically changed the world of work. 61% of knowledge workers now use GenAI tools — particularly OpenAI’s ChatGPT — in their daily routines. At the same time, business leaders, often partly driven by a fear of missing out, are investing billions in tools…

Water facilities warned to improve cybersecurity

3 min read - United States water facilities, which include 150,000 public water systems, have become an increasingly high-risk target for cyber criminals in recent years. This rising threat has demanded more attention and policies focused on improving cybersecurity.Water and wastewater systems are one of the 16 critical infrastructures in the U.S. The definition for inclusion in this category is that the industry must be so crucial to the United States that “the incapacity or destruction of such systems and assets would have a…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today