Mirai Botnet aka Katana – Active IOCs – Rewterz

Mirai is an IoT-targeting malware that enrolls insecure devices into a botnet to launch large-scale DDoS attacks. The advisory outlines active IoCs (hashes) and remediation steps to secure vulnerable IoT assets and detect unusual traffic patterns. #MiraiBotnet #Katana #DonotAPTGroup #Dyn

Keypoints

  • The Mirai botnet infects Internet of Things (IoT) devices such as routers and cameras to perform DDoS attacks.
  • Propagation occurs by scanning for devices that use default or easily guessable passwords like “admin” or “password”.
  • Mirai’s impact includes server outages, data loss, and website downtime during large DDoS campaigns.
  • IoT devices’ limited resources and irregular security updates contribute to Mirai’s effectiveness and persistence.
  • New variants of Mirai have emerged since its discovery in 2016, continuing to pose evolving threats.
  • Remediation emphasizes strong credentials, regular updates, network monitoring, and IDS/IPS to detect anomalous traffic.
  • The Indicators of Compromise section lists the specific file hashes used to identify Mirai activity and gives guidance on blocking these indicators.

MITRE Techniques

  • [T1110] Brute Force – The malware propagates by scanning the internet for devices that use default or easily guessable passwords. Quote: ‘scanning the internet for devices that use default or easily guessable passwords, such as “admin” or “password”.’
  • [T1071] Command and Control – The botnet is controlled via a C2 infrastructure to coordinate DDoS attacks. Quote: ‘the botnet can then be used to launch DDoS attacks on a target.’

Indicators of Compromise

  • [MD5] Malware file hashes – 560fcc834c9812ec8efe6e9f8248bd8e, 512a2b749aa3349d723bab576939b9c1, and other hashes
  • [SHA-256] Malware file hashes – ba08e92d3db4f86a4e429c5822d321c39ff7e8b5f3e2801466774868dccf7881, 3a8038c5c9841662552e945aedd2c7a70166c449fc36e807820da05ca652ec6f
  • [SHA-1] Malware file hashes – e7f2bf3d2cf258d2a43e283ad44084c27722e2be, 4d2587aa3dd6bad1d6bca9e4b07927be92c5ce60
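The hashes above are of three different types, so a sweep needs to compute all three per file to use the list fully. The following is an added example, not code from the Rewterz advisory: it walks a directory (path taken from the command line, defaulting to the current directory) and reports any file whose MD5, SHA-1 or SHA-256 matches one of the hashes quoted on this page.

```python
import hashlib
import os
import sys
from pathlib import Path

ALGORITHMS = ("md5", "sha1", "sha256")

# File hashes quoted in the advisory, all lowercase so comparisons are case-insensitive.
MIRAI_IOC_HASHES = {
    "560fcc834c9812ec8efe6e9f8248bd8e",
    "512a2b749aa3349d723bab576939b9c1",
    "e7f2bf3d2cf258d2a43e283ad44084c27722e2be",
    "4d2587aa3dd6bad1d6bca9e4b07927be92c5ce60",
    "ba08e92d3db4f86a4e429c5822d321c39ff7e8b5f3e2801466774868dccf7881",
    "3a8038c5c9841662552e945aedd2c7a70166c449fc36e807820da05ca652ec6f",
}

def _new_digests() -> dict:
    return {name: hashlib.new(name) for name in ALGORITHMS}

def hash_bytes(data: bytes) -> dict:
    """Return {algorithm: hex digest} for an in-memory blob (used for small files and tests)."""
    digests = _new_digests()
    for d in digests.values():
        d.update(data)
    return {name: d.hexdigest() for name, d in digests.items()}

def hash_file(path, chunk_size: int = 1 << 20) -> dict:
    """Return {algorithm: hex digest} for a file, reading it once in 1 MiB chunks."""
    digests = _new_digests()
    with open(path, "rb") as f:
        while chunk := f.read(chunk_size):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}

def match_iocs(digests: dict, iocs=MIRAI_IOC_HASHES) -> list:
    """Return the (algorithm, digest) pairs whose digest appears in the IoC set."""
    return [(alg, h) for alg, h in digests.items() if h.lower() in iocs]

def sweep(root, iocs=MIRAI_IOC_HASHES) -> dict:
    """Walk root and map each matching file path to its matching (algorithm, digest) pairs."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            try:
                matches = match_iocs(hash_file(path), iocs)
            except OSError:
                continue  # unreadable or vanished file; skip rather than abort the sweep
            if matches:
                hits[str(path)] = matches
    return hits

if __name__ == "__main__":
    for path, matches in sweep(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{path}: {matches}")
```

A constructed blob will not match any hash on this page, so a real hit means the file content is byte-identical to one of the samples the advisory describes; quarantine the file and check the device's credentials and outbound traffic as the remediation points above recommend.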

Read more: https://www.rewterz.com/threat-advisory/mirai-botnet-aka-katana-active-iocs-5