Researchers spotted a new Mirai variant targeting presentation systems and display devices commonly used by businesses.

Palo Alto Networks first observed the new variant in January 2019. The researchers quickly noted that the version of the infamous internet of things (IoT)/Linux botnet wasn’t just capable of targeting common IoT devices such as routers, IP cameras and network storage devices; it also came equipped with exploits for both WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs. Enterprises are the primary users of these technologies, which could signify that Mirai is adjusting its range of targets to include businesses.

Of the 27 exploits that came with this latest Mirai variant, 11 were new. The campaign used the compromised website of a Colombian business specializing in “electronic security, integration and alarm monitoring” to host its malicious payload.

The Latest Marai Variant to Hit the Botnet Scene

This is just the latest in a long string of Mirai variants to emerge in recent years. In March 2017, Imperva discovered a new version that had improved its ability to launch application-layer distributed denial-of-service (DDoS) attacks. Less than a year later, Infosecurity Magazine reported on the birth of Okiru, a Mirai member known for targeting ARC processors.

In the next six months, a cybercriminal released a link with the source code for seven new Mirai variants, as shared by Avast. Symantec spotted a version of the malware leveraging an open-source project as part of its attack campaigns a month later.

Strengthen Your Password Management and Incident Response

Security professionals should set up password managers to store strong, complex passwords for all corporate devices, including IoT assets. This should be part of a broader policy-based approach to password management across the organization. Lastly, security leaders should create an incident response team to help patch vulnerable IoT devices and disclose any security events involving those products should they occur.

More from

Increasingly Sophisticated Cyberattacks Target Healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

4 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Machine Learning Applications in the Cybersecurity Space

3 min read - Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information from vast amounts of data and transform it into valuable business knowledge. While most industries use these techniques, they are especially prominent in the finance, marketing, healthcare, retail and cybersecurity sectors. Machine learning can also address new cyber threats. There…

3 min read

HHS Releases Hospital Cyber Resiliency Landscape Analysis

4 min read - On April 17, 2023, The U.S. Department of Health and Human Services (HHS) 405(d) Program announced the release of its Hospital Cyber Resiliency Initiative Landscape Analysis. This landmark analysis reports on domestic hospitals’ current state of cybersecurity preparedness. The scope of the HHS study was limited to activities that protect access to patient care and safety and reduce the negative impact of cyber threats on clinical operations. Breaches of sensitive data were considered only if the breach had a direct…

4 min read