How Mirai Broke the DDoS Record, Twice (Part 3 of 6)

In September 2016, Mirai launched its first attack: a record-breaking 620 Gbps DDoS against Brian Krebs's blog. Around the same time, an even bigger attack hit French web host OVH at over a terabit per second, the first DDoS ever to break that mark. Akamai had been protecting Krebs for free through their Prolexic service, but after the attack they gave him about two hours to migrate off. He landed at Google's Project Shield. The attack traffic carried a fingerprint: the string 'freeapplej4ck' embedded in the POST requests, a reference to AppleJ4ck, one of the VDoS operators Krebs had just unmasked. So the attack was almost certainly retaliation. On September 30th, an anonymous user named Anna-Senpai posted the complete Mirai source code on Hackforums. The stated reason was that the security industry was getting too interested. The effect was that anyone could now run Mirai, and within weeks, dozens of variants were operating around the world. One of them was about to take down Dyn. Sources: https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/ https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/ https://github.com/jgamblin/Mirai-Source-Code More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday. #cybersecurity #mirai #botnet