Persirai Botnet

The Persirai Botnet is likely to be another project inspired by the damage that the Mirai Botnet was able to cause. However, the operators of the Persirai Botnet have opted to avoid the random targeting methods that Mirai employed and, instead, their project focuses on exploiting vulnerable firmware and credentials found in particular IP cameras. There are over 120,000 Internet-connected IP cameras that may be vulnerable to the Persirai Botnet’s attack, and there is a significant chance that many of them might be members of this botnet without the knowledge of their owners.

One of the tricks that makes the Persirai Botnet more special is that it will use already infected IP cameras to look for more victims – the backdoor dropped on the infected device will attempt to use a zero-day exploit to retrieve the password file used on other IP cameras, therefore allowing the attacker to expand their network rapidly. Furthermore, the Persirai Botnet will patch the zero-day vulnerability in the infected devices, therefore preventing other attackers from seizing control of their botnet’s members.

Just like other modern botnets, the Persirai Botnet also is expected to be used for the execution of Distributed-Denial-of-Service (DDoS) attacks that may disrupt the work of certain Web servers and services. Often, the operators of these botnets may attempt to extort companies for money by promising to stop the attacks in exchange for money.

Protecting your IP cameras and other IoT (internet-of-things) devices from becoming part of a botnet is an easy task that requires you to use login credentials different from the default ones, as well as to apply firmware and security updates regularly.