Skip to main content

Massive 'test' cyberattacks using Mirai botnet temporarily knock out Liberia's internet

A Mirai botnet was used to flood the target with fake traffic and cripple its servers.

The same deadly malware behind the historic internet outage in the US in October seems to have been used to target the African nation of Liberia over the past week through a series of short attacks, temporarily taking the country offline . IT security researcher Kevin Beaumont wrote on Thursday (3 November) that these were distributed denial of service (DDoS) attacks. They harnessed a network of compromised computers to create a Mirai botnet, which was designed to flood its target with fake traffic and cripple its servers.
In October, a massive botnet powered by the Mirai malware targeted DNS provider Dyn to take down a portion of the internet in the US and parts of Europe, preventing users from accessing multiple major websites including Twitter, Netflix, Reddit and others. Beaumont said that the same cyberweapon was used to temporarily take down Liberia's internet as well using a Mirai botnet known as Botnet 14.

"Liberia has one internet cable, installed in 2011, which provides a single point of failure for internet access," Beaumont wrote. "From monitoring we can see websites hosted in country going offline during the attacks... The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state."
Dale Drew, chief security officer at Level 3 Communications also confirmed to ZDNet that it had "witnessed an attack against a telecommunications company in Liberia" powered by the Mirai botnet.
An employee at one Liberian mobile service provider reportedly confirmed the attacks saying they were already affecting business in the small African country, PC World reports.
Beaumont noted that one transit provider confirmed the short, intermittent attacks were over 500Gbps in size, adding that Botnet 14 is "extremely successful at attacking things."
"It is the largest of the Mirai botnets and the domain controlling it predates the attacks on Dyn," Beaumont wrote. "The capacity makes it one of the biggest DDoS botnets ever seen. Given the volume of traffic, it appears to be owned by the actor which attacked Dyn."
The October attack targeting Dyn measured 1.1tbps and was powered by thousands of infected IoT devices such as web cameras and digital recorders.
Earlier in October, the source code for the Mirai malware was leaked by a hacker group to the public. Security researcher Brian Krebs warned that the dangerous leak would "virtually guarantee that the internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices."
While it is still not clear who was responsible for the Liberian attacks, Beaumont noted that the attacks are likely a test.
The cyberattacks targeting Liberia were also tweeted by a Twitter account called @MiraiAttacks which monitors and tweets about attacks as they are occurring. After mentioning the Liberian attack, Beaumont then noticed that the Twitter account seemed to name him in a subsequent post, leading him to dub the botnet "Shadows Kill."
"When I started to see messages in the attack commands clearly written towards those monitoring, it felt really strange," Beaumont told Quartz. "When they mentioned what I presume to be me, it was clear they were reading my tweets, and that was... interesting. I believe they are trying to silence research."

Comments

Popular posts from this blog

President George Weah's One Day National Forum Successfully Attended by 26 Political Parties

On Thursday, August 8, 2018, President George Weah had a sit down with 26 political parties of Liberia.  The meeting aimed at advancing ideals that promote the spirit of national unity and political tolerance between opposition political parties and the government.  ANC, LP and UP attended the meeting as a team. According to Deputy Minister Eugene L. Fahngon, Deputy Minister for Press and Public Affairs at Ministry of Information, Cultural Affairs & Tourism, all 26 political parties attended and participated from start to finish.  Even though, social media was buzzing about AB Dillion walking out of the meeting, he walked out as an individual and not a political party, "the invitation was extended to political parties and not to individuals," Minister Fahngon stated in his live video.  Each political party gave ideals and recommendations, which made the meeting a great success.  According to  Deputy Minister Fahngon, "there will be future engagements as such.&quo

What President Trump and Kim Jong Un Ate

The historic summit between President Donald Trump and North Korean leader Kim Jong Un continued midday Tuesday, as the leaders satisfied their appetites while holding negotiations with a contingent of advisers over a working lunch. The lunch, which followed a 45-minute one-on-one meeting between the leaders earlier in the morning and bilateral discussion with senior aides, was held at the Capella Hotel on Singapore’s Sentosa Island. It was far from an intimate affair, with each leader accompanied by a bevy of senior staff, according to the White House. Joining Trump were Secretary of State Mike Pompeo, Chief of Staff John Kelly, National Security Advisor John Bolton, U.S. Ambassador to the Philippines Sung Kim, press secretary Sarah Huckabee Sanders, and Deputy Assistant to the President for Asian Affairs Matthew Pottinger. Kim was accompanied by Kim Yong Chol , the former spy chief and one of North Korea’s chief negotiators, as well as Foreign Minister Ri Yong Ho, former

Liberia: Kpanto Entertains Small Crowd at Australia Concert

Kpanto's Australia tour's first night in Perth on April 1st was a tour in terms of attendance, but the artist still managed to put up a fantastic show in spite of the low crowd. Despite Kpanto's tremendous popularity, the attendance was unsatisfactorily low. A video that was just found online shows that there were between 25 and 65 people present. According to the promoter who planned the event, the actual number was 210. Despite all, the musician provided a standout performance.