Skip to main content

Massive 'test' cyberattacks using Mirai botnet temporarily knock out Liberia's internet

A Mirai botnet was used to flood the target with fake traffic and cripple its servers.

The same deadly malware behind the historic internet outage in the US in October seems to have been used to target the African nation of Liberia over the past week through a series of short attacks, temporarily taking the country offline . IT security researcher Kevin Beaumont wrote on Thursday (3 November) that these were distributed denial of service (DDoS) attacks. They harnessed a network of compromised computers to create a Mirai botnet, which was designed to flood its target with fake traffic and cripple its servers.
In October, a massive botnet powered by the Mirai malware targeted DNS provider Dyn to take down a portion of the internet in the US and parts of Europe, preventing users from accessing multiple major websites including Twitter, Netflix, Reddit and others. Beaumont said that the same cyberweapon was used to temporarily take down Liberia's internet as well using a Mirai botnet known as Botnet 14.

"Liberia has one internet cable, installed in 2011, which provides a single point of failure for internet access," Beaumont wrote. "From monitoring we can see websites hosted in country going offline during the attacks... The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state."
Dale Drew, chief security officer at Level 3 Communications also confirmed to ZDNet that it had "witnessed an attack against a telecommunications company in Liberia" powered by the Mirai botnet.
An employee at one Liberian mobile service provider reportedly confirmed the attacks saying they were already affecting business in the small African country, PC World reports.
Beaumont noted that one transit provider confirmed the short, intermittent attacks were over 500Gbps in size, adding that Botnet 14 is "extremely successful at attacking things."
"It is the largest of the Mirai botnets and the domain controlling it predates the attacks on Dyn," Beaumont wrote. "The capacity makes it one of the biggest DDoS botnets ever seen. Given the volume of traffic, it appears to be owned by the actor which attacked Dyn."
The October attack targeting Dyn measured 1.1tbps and was powered by thousands of infected IoT devices such as web cameras and digital recorders.
Earlier in October, the source code for the Mirai malware was leaked by a hacker group to the public. Security researcher Brian Krebs warned that the dangerous leak would "virtually guarantee that the internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices."
While it is still not clear who was responsible for the Liberian attacks, Beaumont noted that the attacks are likely a test.
The cyberattacks targeting Liberia were also tweeted by a Twitter account called @MiraiAttacks which monitors and tweets about attacks as they are occurring. After mentioning the Liberian attack, Beaumont then noticed that the Twitter account seemed to name him in a subsequent post, leading him to dub the botnet "Shadows Kill."
"When I started to see messages in the attack commands clearly written towards those monitoring, it felt really strange," Beaumont told Quartz. "When they mentioned what I presume to be me, it was clear they were reading my tweets, and that was... interesting. I believe they are trying to silence research."

Comments

Popular posts from this blog

Liberian Superstar Bucky Raw Is Currently Being Deported From The USA To Liberia

Liberian superstar, Bucky Raw who has been in jail since October 2017, for domestic violence charges, is currently being deported to his homeland, Liberia, for violating his parole, according to inside source.  The artist released a heartwarming letter to his fans few days ago, assuring them that he will be back very soon. Unfortunately, his return won't be in the manner expected.  To be continued.......

Former Liberian Artist Yung Muse Renounces Liberian Citizenship - Waving Nigerian Flag High On Social Media

It is unconfirmed if the SNG artist, Yung Muse has legally dropped his Liberian nationality, but one thing for sure, it is dropped off his social media page.  Yung Muse who is known for trying to sing and act like a Nigerian, is no longer waving his Liberian flag. On the artist Instagram page, he is waving the Nigerian flag high and there is no trace of his Liberian roots on his page.  It is very clear that he doesn't want to be identify as a Liberian. So be it. check out his Instagram page below. 




'Aw!' 10 Adorable Photos of Quincy B's Daughter and Mom

Losing Quincy B was very sad, but he sure left a beautiful bundle of joy. Qadira Borrow at age one and mom  -- photographed by Lorenzo Loveland.