Tuesday, October 15, 2024
HomeBotnetMirai Variant Launches 54 Hours DDoS Attack Generated 2.8 Billion Requests...

Mirai Variant Launches 54 Hours DDoS Attack Generated 2.8 Billion Requests in US college

Published on

Malware protection

Mirai Variant launched continues DDoS in unnamed college in U.S  and it performed  54 Hours continuously  and  researchers believe it is a new variant of Mirai, one that is “more adept at launching application layer assaults.”

Researchers informed the Traffic flow around “30,000 RPS and peaked at around 37,000 RPS” and it is on of the hight amount of bots performed attack around  “2.8 Billion Requests” in Mirai botnet History .

Researcher’s watched a pool of attacking devices typically connected with Mirai, for example, CCTV cameras, DVRs and switches.

- Advertisement - SIEM as a Service

Assault movement began from 9,793 IPs around the world, however 70% of the botnet activity originated from 10 nations,During the 54-hour DDoS attack on the college.

Researchers from Imperva Incapsula said ,

The DDoS bots used in the attack were hiding behind different user-agents than the five hardcoded in the default Mirai version. This–and the size of the attack itself–led us to believe that we might be dealing with a new variant, which was modified to launch more elaborate application layer attacks.

Attack Origin Nations

Image source :Imperva Incapsula

The U.S. topped the rundown by having 18.4 percent of the botnet IPs. Israel was next with 11.3 percent, trailed by Taiwan with 10.8 percent.

The staying seven nations of the main 10 were India with 8.7 percent, Turkey with 6 percent, Russia with 3.8 percent, Italy and Mexico both with 3.2 percent, Colombia with 3 percent and Bulgaria with 2.2 percent of the botnet activity.

Less than a day after the initial assault ended, another one began that lasted for an hour and a half with an average traffic flow of 15,000 RPS, Imperva Incapsula said .

Also Read:

Latest articles

Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code

Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to...

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...

CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies...

TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs

The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

GorillaBot Emerged As King For DDoS Attacks With 300,000+ Commands

The newly emerged Gorilla Botnet has exhibited unprecedented activity, launching over 300,000 DDoS attacks...

Flax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various Devices

The Five Eyes agencies recently released a joint cybersecurity advisory detailing a new botnet,...

Researchers Detailed Raptor Train Botnet That 60,000+ Compromised Devices

Researchers discovered a large, Chinese state-sponsored IoT botnet, "Raptor Train," that compromised over 200,000...