Re: Mirai botnet is back — now as "Meris"

• Previous message (by thread): Re: Mirai botnet is back — now as "Meris"
• Next message (by thread): PeeringDB 2021 User Survey
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

No rest for the wired 🙂
________________________________
From: NANOG <nanog-bounces+mel=beckman.org at nanog.org> on behalf of Töma Gavrichenkov <ximaera at gmail.com>
Sent: Thursday, September 9, 2021 10:07 AM
To: Brandon Svec <bsvec at teamonesolutions.com>
Cc: NANOG <nanog at nanog.org>
Subject: Re: Mirai botnet is back — now as "Meris"

Peace,

On Thu, Sep 9, 2021 at 7:57 PM Brandon Svec via NANOG <nanog at nanog.org> wrote:
> Oof.  I wonder if there is any connection to their DDNS service outage a couple days ago?
> https://forum.mikrotik.com/viewtopic.php?t=178256

No, hardly any.  That one seems to be just a DNS abuse
reporting/delegation issue.

...well, by some wild extension one could imagine that the botnet
operator reported some fake issue just to have the vendor's
infrastructure blocked.  Therefore, IoT vendors that don't enforce
security updates on the devices they sell, should expect criminals to
go to great lengths to keep their update servers and the
infrastructure down once some RCE vulnerabilities are found.  But
that's a wild extension.

--
Töma
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210909/4f1db458/attachment.html>

• Previous message (by thread): Re: Mirai botnet is back — now as "Meris"
• Next message (by thread): PeeringDB 2021 User Survey
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]