Mirai now has a Windows spin
The march of the infamous Mirai botnet continues, with Kaspersky having found the first Windows-based spreader for the malware.
You probably remember Mirai from last year – it was the source of a huge number of infections which powered some massive DDoS attacks. Well, now the code (which was made openly available online in 2016) has been crafted to make a Windows botnet, likely by a Chinese speaking malware author according to the security firm (going by language clues in the coding, and similar signposts).
Kaspersky notes that the components and techniques used in the new spreader may be a few years old, but on an overall level it’s “richer and more robust” than the original Mirai code, and its developer appears to have more sophisticated skills than those behind last year’s DDoS campaigns.
That said, the security company notes that the ability to spread Mirai is limited here, because the malware has to brute-force a remote telnet connection in order to propagate bots from a Windows machine to vulnerable Linux IoT gadgets .