back to article Origin of the beasties: Mirai botnet missing link revealed as DVR player

Security researchers have discovered a "missing link" in the Mirai botnet that may prompt a rethink in what makes up the zombie network. The release of Mirai's source code in early October revealed that malware scans for telnet before attempting to hack into devices, using a brute-force attack featuring 61 different user/ …

  1. tiggity Silver badge

    Only by luck

    Glad my DVR is not network connected, though given the default install was really really insistent on network connectivity I can see why lots of people set it up (all a bit pointless for me as I dont do Netflix and various other services it claimed to support & why would I want Freeview plus over my internet connection, the whole point of a DVR is so I can record stuff & thus not miss it!) - as Netflix and other services are v. popular with many people, no surprise so many DVRs are connected (and that for those users the connectivity is thus potentially useful).

    Who knows, If I was a Netflix user I might even have been tempted to set up networking

  2. Cuddles Silver badge

    Does it matter?

    The issue here is that millions of devices are being connected to the internet, often completely unnecessarily, with default (or even hardcoded) usernames and passwords and effectively no security. Exactly which devices are targeted in a given attack doesn't appear to be relevant at all, the attack and the results are exactly the same.

    1. Anonymous Coward
      Anonymous Coward

      Re: Does it matter?

      Hardcoded passwords with IPv6 will be malware nirvana once the enough ISP's support it as very few home networks will stop the traffic, even if they see it.

      Then of course there will be a push for each individual internet connected device to be identified and it's location constantly monitored "for the safety of the children".

      Colour me a cynical, firewalled, NATed, luddite.

      1. springsmarty

        Re: Does it matter?

        I'm pretty sure that most if not all IPv6 implementations have a default inbound firewall. NAT really does little or nothing in terms of adding security.

    2. Alan Brown Silver badge

      Re: Does it matter?

      Yet more IPv6 FUD.

      Most IPv6 boxes offer the same firewalling on IPv6 as they offer on IPv4. The only difference being that they don't need to do NAT as well (they're also usually operated in lockstep, so opening external port80 on the IPv4 external interface to internal host Foo port 80 opens access to Foo port 80 on ipv6 too)

      Some have independent IPv4/IPv6 firewalling rules but they invariably default to the same as IPv4 - block everything inbound unless requested otherwise or opened by a helper app.

      1. Anonymous Coward
        Anonymous Coward

        Re: Does it matter?

        Interesting please cite some examples, not being funny I genuinely want to know which of the consumer brands or models you are referring to.

        At least two brands I have been looking at in the last few days/hours do not firewall IPv6 well at all.

        1. Alan Brown Silver badge

          Re: Does it matter?

          AVM and Linksys, both of which I've tested here.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020