New Botnet on the Block – Persirai

Darrell Kesti | May 16, 2017
Twitter: @darrell_kesti
Move over Mirai, there is a new IoT botnet on the block – Persirai (Persian Mirai). This has been an interesting one to watch. First, this botnet was recently discovered by cybersecurity researches at Trend Micro (article here) and it targets 1,000 different models of vulnerable IP Cameras…yeah you didn’t misread that, 1,000 different types of cameras. The Trend team so far has found 122,069 infected IP Cameras across the globe by leveraging the Shodan IoT Search engine. The compromised devices have been found in China, Japan, Europe, and the Americas. So, what makes Persirai tick, and more importantly here are a few tips to Detect, Respond, and Contain impacted devices in your network?
Here are a few key items that make Persirai unique:
OK, so we know how this thing works now. What can you do about it?
Stay tuned for future IoT based botnets, I have a feeling there are more to come.
Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591
Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134