New Mirai-Linked IoT Botnet Threatens Global Internet Take-Down



Just a year after the Mirai malware held the world to ransom by enslaving millions of IoT devices into a botnet that cyber-criminals used to launch massive DDoS attacks, disrupting several internet services around the world, security researchers are warning that last year's events might repeat themselves.

First spotted in September by security researchers at Qihoo 360, the new malware, dubbed "IoT_reaper", does not depend on cracking weak passwords to enslave IoT devices into a botnet; instead, it exploits vulnerabilities in the devices.

The malware attempts to exploit several vulnerabilities commonly found in different IoT devices. Targeted manufacturers include D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, JAWS, GoAhead, Vacron, Synology and others.

Researchers believe that IoT_reaper malware has infected nearly 2 million devices with an infection rate of 10,000 new devices per day.

A check carried out by CheckPoint on an infected GoAhead device revealed that the attackers accessed the System.ini file to check for compromise. Normally, the System.ini file contains the credentials of the user, but on the hacked device it instead contained a 'Netcat' command that opens a reverse shell to the attacker's IP!

The check revealed that the GoAhead device, which was infected using the CVE-2017-8225 vulnerability, was itself transmitting the malware after being infected. This explains the fast rate at which the malware is spreading.

As of now, those behind this are still unknown, but one thing that is clear is that the actors are preparing for a massive global attack.

Researchers at CheckPoint also warned of the forthcoming attack:

"Our researcher suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come."

Man In Court For Launching Several DDoS Attacks On Former Employer, Police, Courts And Others



A New Mexican man has been dragged to court for launching distributed denial of service (DDoS) attacks against business competitors, public services and also the websites of his former employers.

The accused, John Kelsey Gammell, 55, a convicted felon who had been prohibited from possessing firearms and ammunition, pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer in the US.

 Gammell admitted to launching several DDoS attacks on websites in the US between July 2015 and March 2017.

The DDoS attacks carried out by Gammell targeted companies that he had previously worked for and those that refused to hire his services. Apart from those, he also targeted law enforcement websites, his business competitors, colleges and others.


According to the Department of Justice, Gammell purchased DDoS-for-hire services from several providers such as Inboot, Booter.xyz, CStress and VDos to launch his attacks. To make his transactions and his location untraceable, Gammell used IP addresses to hide his address and location whenever he hired the services of those DDoS-for-hire sites.

The accused used spoofed emails to transact and paid in cryptocurrency. He also used encryption and drive-cleaning tools to hide digital evidence.

Victims of Gammell's cyber attacks include the Minnesota State Courts, Dakota County Technical College, Washburn Computer Group, the Hennepin County Sheriff's office, and many others.

Gammell is scheduled to face sentencing at a later date.

Mirai Botnet Creators Plead Guilty For Roles In Cyberattacks


Three men have pleaded guilty to federal cyber-crime charges that include creating a botnet known as Mirai, which was used to take down a huge part of the internet in 2016.



According to documents revealed on Wednesday, Paras Jha, 21, Josiah White, 20, and Dalton Norman, 21, admitted to one count of conspiracy in a plea agreement filed this month.


 Federal prosecutors in Alaska and New Jersey have accused the three hackers of creating and using the Mirai botnet to hijack vulnerable internet-connected devices which they used in launching several distributed denial-of-service (DDoS) attacks.


A distributed denial-of-service (DDoS) attack is used to disrupt online services by flooding them with spam traffic, in the thousands, millions, billions and even terabytes, so as to knock the targeted service offline. This is usually conducted via a botnet of ensnared vulnerable devices such as routers, webcams and other IoT devices.


According to Jha's plea agreement, the 21-year-old, a former Rutgers University computer science student, "conspired to conduct DDoS attacks against websites and web hosting companies located in the United States and abroad," and then demanded payment to put a stop to the attack.


Jha admitted to having released the Mirai source code to the public, which was then used by cyber-criminals to conduct several DDoS attacks in 2016 on top internet services such as Netflix, Twitter, Reddit, Spotify, The Verge, BBC, Dyn, Pinterest, xbox.com and others.

However, prosecutors on the case have said that they do not believe the three men were responsible for the attacks in 2016, as Jha had already posted the code to online forums, where it was then used by cybercriminals to cause havoc worldwide.


Jha and Norman also pleaded guilty to a separate conspiracy charge for using another powerful botnet in a click-fraud scheme that generated fake clicks to defraud advertisers.


White has pleaded guilty to creating the Mirai scanner, which scans for vulnerable devices that are then enslaved in the botnet. Norman has also admitted to developing exploits that were built into the botnet.


The three hackers were all fans of a Japanese anime called 'Mirai Nikki' and so named the botnet Mirai. The name Mirai Nikki means 'future diary' in English.



Ubisoft Games Suffer Massive DDoS Attacks, Servers Go Offline



France-based video game publisher Ubisoft on Tuesday, July 17th 2018, suffered a series of DDoS (distributed denial-of-service) attacks which sent several of its gaming servers offline.

A DDoS attack occurs when one or more attackers send junk traffic from multiple systems to flood the bandwidth or resources of a targeted system so as to force it offline. The targeted system or server at the receiving end usually gets knocked out when its resources are exhausted while trying to handle the overwhelming traffic.

Ubisoft acknowledged the DDoS attack, which knocked out several of its servers, including Ghost Recon Wildlands. However, Honor and Far Cry 5 were facing connectivity issues.


A tweet from Ubisoft's customer support Twitter handle confirmed the outage and said they were working to mitigate the attacks.

"We're currently monitoring DDoS attacks impacting Ubisoft services and causing players to be unable to connect to games. The attacks are focused on our games connections and server latency, which we are working on mitigating. Thank you for your patience as we resolve this," the tweet read.

As of now, it is still unclear who was behind the attack or what their motive was. However, during the attack, concerned users kept asking questions, and one user asked if the DDoS attack posed any risk to their personal information or if there was a need for them to change their password.

In response, Ubisoft said, "We haven't had any indications that any information would be at risk." A DDoS attack is the result of multiple compromised systems (a botnet) being used to flood the victim with junk traffic.

The aim of a DDoS attack is to send the targeted system offline. A DDoS attack does not pose any risk to users' data unless the attacker has already gained access to their system via another means.

A tweet from Ubisoft later in the day suggests the company was able to resolve the outage and restore service.

"Thanks for the update! This situation is now resolved, and we are continuing to monitor the situation," the tweet read.
