description-logoDescription

This indicates that a system might be infected by Mirai Botnet.
Mirai is a Linux malware that primarily targets IoT devices such as IP cameras and routers. Mirai often uses default credentials or command injection exploits to infect IoT devices. The malware can mine cryptocurrencies, perform DDoS, execute arbitrary commands, and scan the internet for other vulnerable devices to infect.
Please note: this signature often gets triggered by scanning traffics from devices infected by Mirai. Please check the source IP to verify if the infection is on the local network. All botnet signatures from FortiOS 5.6 onwards are under IPS, and have their default action set to "Block".

affected-products-logoAffected Products

Any unprotected internet device is vulnerable to the attack.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

If required, the signature's action can be set to "Block".
Please use Anti-Virus software to scan and clean the infected devices.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-07-08 33.041
Modified
Sig Added
2025-01-27 29.943
Modified
Sig Added
2024-11-14 29.904
Modified
Sig Added
2024-10-29 28.892
Modified
Sig Added
2024-06-20 28.812
Modified
Sig Added
2024-06-18 28.810
Modified
Sig Added
2024-05-22 27.791
Modified
Sig Added
2023-12-14 26.696
Modified
Sig Added
2023-10-26 25.666
Modified
Sig Added
2023-08-14 25.620
Modified
Sig Added