Best Top Reviews Online

Mirai Variant Adds a Dozen New Exploits That Target Enterprise IoT Devices

Researchers have discovered a new variant of the infamous Mirai Internet of Things botnet, which this time targets embedded devices intended for use in business environments in an attempt to seize control of greater bandwidth and launch devastating DDoS attacks.

Even though the original developers of the Mirai botnet have been arrested and imprisoned, variants of the infamous IoT malware, such as Satori and Okiru, continue to emerge due to the availability of its source code on the Internet since 2016.

Mirai is a well-known IoT botnet malware that emerged in 2016 and is capable of infecting routers, security cameras, DVRs, and other smart devices that typically use default credentials and run outdated versions of Linux. It then enslaves the compromised devices to form a botnet, which is then used to launch DDoS attacks.

New Mirai Variant Targets Enterprise Internet of Things Devices

Now, researchers from Palo Alto Networks Unit 42 have identified the newest variant of Mirai, which targets enterprise-focused devices for the first time, including WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs.

The Mirai variant adds eleven new exploits to its “multi-exploit battery” for a total of twenty-seven exploits, as well as a new set of “unusual default credentials” for brute force attacks against Internet-connected devices.

“These new features provide the botnet with a large attack surface,” Unit 42 researchers wrote in a Monday blog post. “Targeting enterprise links in particular grants the botnet access to larger bandwidth, resulting in greater firepower for DDoS attacks.”

While an exploit for remote code execution in LG Supersign televisions (CVE-2018-17173) was released in September of last year, exploit code for a command-injection flaw in the WePresent WiPG-1000 was published in 2017.

In addition to these two exploits, the new Mirai variant targets diverse embedded hardware, including:

  • Linksys routers
  • ZTE routers
  • D-Link routers
  • Network Storage Devices
  • NVRs and IP cameras

After scanning for and identifying vulnerable devices, the malware retrieves the new Mirai payload from a compromised website and downloads it onto the target device, which is then added to the botnet and can be used to launch HTTP Flood DDoS attacks.
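A defender-side view of the sequence described above, as an added example that is not from Unit 42 or the original article: it scans a constructed proxy log for a device on the IoT segment that downloads a binary and later sends a burst of HTTP requests to a single host. The log format, the 10.20.0.0/24 IoT subnet, the content types, the hostnames and the thresholds are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime

IOT_NET = ipaddress.ip_network("10.20.0.0/24")    # assumed IoT/AV device VLAN
BINARY_TYPES = {"application/octet-stream", "application/x-executable"}
FLOOD_REQS, FLOOD_WINDOW_S = 5, 10                # constructed thresholds

# Constructed sample log: time, source, method, host, path, content type
SAMPLE_LOG = """\
2024-01-01T10:00:01 10.20.0.15 GET updates.example.net /check text/html
2024-01-01T10:02:10 10.20.0.31 GET site.example.org /img/a.bin application/octet-stream
2024-01-01T10:02:30 10.30.0.9 GET cdn.example.net /setup.exe application/octet-stream
2024-01-01T10:05:00 10.20.0.31 GET target.example.com / text/html
2024-01-01T10:05:01 10.20.0.31 GET target.example.com / text/html
2024-01-01T10:05:02 10.20.0.31 GET target.example.com / text/html
2024-01-01T10:05:03 10.20.0.31 GET target.example.com / text/html
2024-01-01T10:05:04 10.20.0.31 GET target.example.com / text/html
2024-01-01T10:06:00 10.20.0.15 GET updates.example.net /check text/html
"""

def parse(line):
    ts, src, method, host, path, ctype = line.split()
    return datetime.fromisoformat(ts), ipaddress.ip_address(src), method, host, path, ctype

def detect(log_text):
    findings = []
    fetched = set()                  # IoT devices already seen pulling a binary
    recent = defaultdict(deque)      # (src, host) -> request times inside the window
    flagged = set()                  # (src, host) pairs already reported as a burst
    for line in log_text.strip().splitlines():
        ts, src, method, host, path, ctype = parse(line)
        if src not in IOT_NET:
            continue                 # only the embedded-device segment is in scope
        if method == "GET" and ctype in BINARY_TYPES:
            fetched.add(src)
            findings.append((str(src), "binary-download", host + path))
        window = recent[(src, host)]
        window.append(ts)
        while (ts - window[0]).total_seconds() > FLOOD_WINDOW_S:
            window.popleft()         # drop requests older than the window
        if len(window) >= FLOOD_REQS and (src, host) not in flagged:
            flagged.add((src, host))
            kind = "flood-after-download" if src in fetched else "request-burst"
            findings.append((str(src), kind, host))
    return findings

if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

Presentation systems, signage TVs and cameras rarely have a reason to fetch binaries from arbitrary websites, so the first finding alone is worth an alert on such a segment.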

The infamous botnet Mirai was responsible for record-breaking DDoS attacks, including those against France-based hosting provider OVH and Dyn DNS service, which crippled some of the world’s largest websites, including Twitter, Netflix, Amazon, and Spotify.

Mirai-based attacks surged after the malware's source code was made public in October 2016, because the release allowed attackers to upgrade the malware with newly disclosed exploits according to their needs and targets.

“These [new] developments highlight the importance for businesses to be aware of the IoT devices on their network, change default passwords, and ensure devices are patched to the most recent version,” researchers said.

“As a last resort, remove from the network any devices that cannot be patched.”

So what’s the takeaway? Ensure that you change the default passwords for your internet-connected devices as soon as you bring them home or to the office, and that you always install the latest security patches.


The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.
