There are new details about last Friday’s massive DDoS attack. The IPN company Dyn, Inc. and several outlets have reported that hacker groups relied on thousands of Internet of Things devices to carry out the cyber attack.
Analysts from the company and others detected a malware called Mirai in Dyn’s servers. A hacker published the source code for Mirai back in September, much to the surprise and worry of digital security experts.
The New Hampshire-based company reroutes internet traffic for some of the biggest sites online.
Users reported issues when trying to access sites like Amazon, Reddit, Tumblr, Netflix, Twitter, Airbnb, Spotify, and more. By Friday evening, Dyn was still undergoing attacks, but the overall situation was under control.
Who carried out the Dyn DDoS attack?
The hacktivist groups New World Hackers and Anonymous claimed credit for the attacks on Friday. The two groups have been responsible for similar attacks in the past, but security experts have dismissed these allegations as highly unlikely or downright false.
Analysts said Anonymous and New World Hackers had falsely claimed credit for large-scale attacks in the past.
A hacker codenamed “Prophet” reportedly provided proof of the New World Hackers operations. The security firm Flashpoint deemed the organization as “imposters” after taking a closer look at the material.
If these claims are indeed false, then it remains to be seen who is really behind the attack. Department of Homeland Security and the FBI are currently investigating along with Dyn.
Anonymous and NWH are trying to help Wikileaks’ founder
MORE: #WikiLeaks has activated contingency plans after #Assange's internet link was intentionally cut off https://t.co/octsMseme1
— RT (@RT_com) October 17, 2016
The two groups claimed the attack was a mere test to measure the extent of their power. Both Anonymous and New World Hackers pledged allegiance to WikiLeaks, and so the massive DDoS offensive was apparently in retaliation to new restraints against its director Julian Assange.
Assange has been living in the Embassy of London in Ecuador since 2012. Last week, the WikiLeaks leader reported that external agents had cut his internet access. These actions were apparently a direct consequence to WikiLeaks releasing several batches of John Podesta’s personal emails.
Podesta is the campaign chairman for the U.S. Democratic candidate Hillary Clinton. WikiLeaks determined the Ecuadorian government along with the U.S. were responsible for keeping Assange in the dark.
Both U.S. intelligence agencies and Dyn have ruled out the involvement of Russia in the attack. Russia was found to be behind the massive DNC leaks a couple of months back, also targeting the Clinton campaign.
How does the Mirai malware work?
The piece of code responsible for the articulation of this attack was no other than Mirai. Mirai is a sophisticated tool released on the internet by a hacker codenamed Anna-senpai earlier this month.
The malware infects IoT devices like cameras, home assistants, printers, speakers, toasters, and more and turns them into minions to launch a massive DDoS attack. The hackers then coordinate the devices, so they all flood a site’s traffic at once, effectively taking it down.
Dyn continues to investigate along with U.S. security agencies. Several media outlets have pointed out that not only hackers are to blame, but also consumers and manufacturers for not securing their products properly.
Source: Dyn, Inc.