Symtrex Inc.

Cyber Security Specialist

Call - 866-431-8972 | Send an Email | Request a Quote
Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin

Profile

 [metaslider id=2951] … Read More

  • Home
  • Profile
    • Contact Us
    • Security News
    • White Papers
  • Services
    • Compliance Regulations
      • PCI DSS Suite of Products
      • HIPAA/Hitech
      • SOX – Sarbanes Oxley
      • DCID 6/3/NISPOM Chapter 8/JAFAN DoD
      • NERC/FERC
    • Industry Consulting and Implementation
      • Banking and Financial
      • Energy/Utilities
      • Healthcare
      • Retail/Hospitality
    • Security Assessment
  • Security Solutions
    • Sophos
    • Endpoint Security Solutions
      • Bitdefender Business Solutions
      • Sophos Endpoint Protection
    • Forensic Solution – Threat Hunter
    • Network Access Control
      • NetShield
        • NetShield
    • NGFW – UTM – Perimeter Security
      • Sophos Network Protection
    • Security Awareness Training
      • KnowBe4 – Security Awareness Training
      • Sophos Phish Threat
  • White Papers
    • Sophos Webinar Series
  • Security News
    • Blog
    • Sophos Webinar Series
  • Free Security Tools

Mirai strikes again, leaving 1 million users offline

2016/11/30 by admin

By Luana Pascu – Hot for Security BitDefender

When security experts warned us that Mirai-infected connected devices would strike again, and 10-fold, they weren’t kidding. Almost 1 million internet users in Europe couldn’t get online this weekend following an organized cyberattack launched by 900,000 home routers exploited by Mirai malware, Deutsche Telekom confirmed.

The German internet provider announced that only some 5 percent out of its 20 million customer pool was directly affected by the botnet attack. Once they started fixing the problem, the percentage dropped to 2. The identity of the hackers is unknown for now, but ISC SANS reports most of the traffic comes from Brazil.

“The massive interference from connections of Deutsche Telekom, according to findings from the Federal Office for Security in Information Technology (BSI), follow a worldwide attack,” reads the abendblatt.de. “According to BSI, the attacks were also noticeable in the government-protected government network, but could be repelled with effective protection measures. “

The routers involved in the attack were made by Zykel and Speedport and had port 7547 open, according to SANS Internet Storm Center. They were used for TV and landline services. Attacks have increased against these ports, as they “appear to exploit a vulnerability in popular DSL routers.”

“The code appears to be derived from Mirai with the additional scan for the SOAP vulnerability. Currently, honeypots see about one request every 5-10 minutes for each target IP,” SANS Internet Storm Center found.

Deutsche Telekom has released a firmware update for the routers. As 41 million devices have been detected to have this port open, users with vulnerable routers are advised to run the update and, if possible, block the port.

Filed Under: Bitdefender, compliance, CyberThreats, endpoint, Products, Security News

Let us help answer any questions you may have

requestmoreinformation.fw

Security News and Updates

  • Was my information part of a breach?
  • Phishing and stolen credentials
  • Ransomware is the Biggest Threat for Small to Medium Businesses

RSS SecurityWeek

  • US Charges 20-Year-Old Head of Hacker Site BreachForums
  • Tesla Hacked Twice at Pwn2Own Exploit Contest
  • CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections

Contact

  • Contact Us

Request More Info

  • Request Quote

Site Map

  • Site Map

© Copyright 2016 Symtrex Inc. ; All Rights Reserved · Privacy Statement