Cyber Security Center

What is Mirai


Mirai

Description:

“Mirai” is a malicious code that takes over various devices that run on Linux OS. This may include webcams, routers, etc. Devices infected with Mirai become part of a huge botnet, which is already known for carrying out large DDoS attacks. In addition to this malicious activity, devices in the botnet scan IP addresses looking for new victims, and try to access them with passwords from a default password table.

The affected devices work normally and remain infected until reboot. If the password is not immediately changed, the device becomes infected again.

Recommendations:

  • Change the default password to a secure one and change it regularly;
  • Update your internal firmware software if possible;
  • Disable unused services on your device;
  • If the device is used solely on a local network, disable access to the device from the Internet;
  • If the device must be accessible from the Internet, limit access by IP addresses, IP networks, and countries;
  • Check the availability of the device from an external network.