Brace yourselves—source code powering potent IoT DDoSes just went public

Enlarge (credit: Michael Theis)

A hacker has released computer source code that allows relatively unsophisticated people to wage the kinds of extraordinarily large assaults that recently knocked security news site KrebsOnSecurity offline and set new records for so-called distributed denial-of-service attacks.

KrebsOnSecurity's Brian Krebs reported on Saturday that the source code for "Mirai," a network of Internet-connected cameras and other "Internet of things" devices, was published on Friday. Dale Drew, the chief security officer at Internet backbone provider Level 3 Communications, told Ars that Mirai is one of two competing IoT botnet families that have recently menaced the Internet with record-breaking distributed denial-of-service (DDoS) attacks—including the one that targeted Krebs with 620 gigabits per second of network traffic, and another that hit French webhost OVH and reportedly peaked at more than 1 terabit per second

Until now, the botnets created with the newer and technically more sophisticated Mirai have been greatly outnumbered by those based on its rival Bashlight, with about 233,000 infected devices versus 963,000 respectively. Friday's release could allow the smaller and more disciplined Mirai, which Russian antivirus provider Dr. Web briefly profiled last week, to go mainstream. That, in turn, could turn the mass compromise of cameras and other Internet-connected devices into a full-blown epidemic that could push record DDoSes to ever-higher volumes. In an e-mail to Ars, Drew wrote:

Read 7 remaining paragraphs | Comments