nanog mailing list archives
Re: Mirai botnet is back — now as "Meris"
From: Mel Beckman <mel () beckman org>
Date: Thu, 9 Sep 2021 21:10:46 +0000
No rest for the wired 🙂 ________________________________ From: NANOG <nanog-bounces+mel=beckman.org () nanog org> on behalf of Töma Gavrichenkov <ximaera () gmail com> Sent: Thursday, September 9, 2021 10:07 AM To: Brandon Svec <bsvec () teamonesolutions com> Cc: NANOG <nanog () nanog org> Subject: Re: Mirai botnet is back — now as "Meris" Peace, On Thu, Sep 9, 2021 at 7:57 PM Brandon Svec via NANOG <nanog () nanog org> wrote:
Oof. I wonder if there is any connection to their DDNS service outage a couple days ago? https://forum.mikrotik.com/viewtopic.php?t=178256
No, hardly any. That one seems to be just a DNS abuse reporting/delegation issue. ...well, by some wild extension one could imagine that the botnet operator reported some fake issue just to have the vendor's infrastructure blocked. Therefore, IoT vendors that don't enforce security updates on the devices they sell, should expect criminals to go to great lengths to keep their update servers and the infrastructure down once some RCE vulnerabilities are found. But that's a wild extension. -- Töma
Current thread:
- Mirai botnet is back — now as "Meris" Töma Gavrichenkov (Sep 09)
- Re: Mirai botnet is back — now as "Meris" Mike Hammett (Sep 09)
- Re: Mirai botnet is back — now as "Meris" Brandon Svec via NANOG (Sep 09)
- Re: Mirai botnet is back — now as "Meris" Töma Gavrichenkov (Sep 09)
- Re: Mirai botnet is back — now as "Meris" Mel Beckman (Sep 09)
- Re: Mirai botnet is back — now as "Meris" Töma Gavrichenkov (Sep 09)