Tue. Jul 14th, 2020

New MIRAI IoT worm variant is infecting a wide range of home routers worldwide


Nowadays, more and more household appliances integrate network connectivity for easy control, but a networked appliance with a vulnerability can also become a typical IoT bot (a "zombie" device). Although most infected IoT devices do not cause much damage to their home users, they may be exploited to launch large-scale cyber attacks.

A few days ago, Palo Alto Networks released its latest botnet tracking report, which covers new infections by the MIRAI IoT worm. The open-source IoT worm MIRAI, which caused large-scale network outages on the east coast of the United States in the fall of the previous year, has now appeared in several different versions.

Image: paloaltonetworks

The primary targets of these variants are still home routers and webcams, as well as networked air conditioners, refrigerators and washing machines. Although these devices are the ones MIRAI infects, the worm does not deliberately single them out.

This is because MIRAI is designed to search for and infect IoT devices through exposed vulnerabilities and publicly known passwords, that is, default passwords that were never changed. This is why MIRAI can spread explosively in a brief period: each infected device becomes a node that infects more devices.


OMNI is a variant of the MIRAI worm. Unlike the original MIRAI, OMNI added up to 11 exploitable vulnerabilities and password tables. Therefore, devices that are networked and have weaknesses, or whose default password has not been changed, are likely to be infected by OMNI and then become part of a botnet.

At present, OMNI has built large-scale botnets that are ready to be used to launch attacks. These botnets contain hundreds of thousands of devices. Botnets of this size can pose a threat to any website or service, since most sites cannot withstand terabytes of DDoS attacks.

Whether it is a router, a camera or any household appliance that can be networked, the initial default administration password must be changed.

At the same time, it is necessary to upgrade to new firmware promptly to close known security vulnerabilities. If a product has not received new firmware for a long time, you should be vigilant.

The security of the router is more important than that of a home appliance, because if the router is infected, the attacker can also monitor traffic or even hijack DNS.

These operations may lead you or your family to a phishing website, where you reveal various account passwords and are then defrauded or robbed, resulting in financial losses.