Botnet built in Minecraft

Botnet built in Minecraft

Mirai (Japanese for “The Future”) is malware which has made quite a name for itself in recent years and was accredited with some of the biggest DDOS attacks taking down web giants such as Twitter, Reddit and Spotify.

 

A DDOS (Distributed Denial of Service) Attack is when a Server or Service is bombarded with enough data and traffic to overload the servers causing them to be overwhelmed and fail.

Read about Mirai Here.

 

Mirai was also later adapted into the “Mirai Worm” Which was famous for recently taking down routers provided by TalkTalk and the Post Office. It achieved this by using a list of common default usernames and passwords for network devices (such as routers), Attempting to log into devices using these common logins then embedding itself into their firmware.

Mirai uses its list of IP Addresses of Private networks and the US Postal Service to ignore, As well as its common default logins which it uses to infect unsuspecting users devices, impressively removing other malware from said devices. It leaves them lying in wait for a command to attack a Server.

So where does Minecraft come into this? Well the hugely popular gaming sensation which is now owned by Microsoft has been linked to the origin of the Mirai attacks. Due to the popularity of Minecraft and services hosting servers for the game there was a rivalry between Minecraft server providers.

A predecessor of Mirai was originally used against Minecraft servers to take them offline or reduce their performance with speculation of the author of Mirai “Anna Senpai” claiming that he was put up to creating this to attack rival servers.

 

Increase your security!

Fortunately Mirai and the Mirai Worm did not exploit any bugs or gaps in the software of devices such as routers but more relied on preying upon devices with the default “Changeme” kind of passwords set on devices when they are first delivered. So from atleast the Mirai malware the security advice is simple, Change the admin passwords on all devices and keep your passwords strong and secret for any device or account.