description-logoDescription

This indicates that a system might be infected by Mirai Botnet.
Mirai is a Linux malware that primarily targets IoT devices such as IP cameras and routers. Mirai often uses default credentials or command injection exploits to infect IoT devices. The malware can mine cryptocurrencies, perform DDoS, execute arbitrary commands, and scan the internet for other vulnerable devices to infect.
Please note: this signature often gets triggered by scanning traffics from devices infected by Mirai. Please check the source IP to verify if the infection is on the local network.

affected-products-logoAffected Products

Any unprotected internet device is vulnerable to the attack.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

If required, the signature's action can be set to "Block".
Please use Anti-Virus software to scan and clean the infected devices.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-12-14 26.696 Sig Added
2023-10-26 25.666 Sig Added
2023-08-14 25.620 Sig Added
2022-10-17 22.414 Sig Added
2022-06-14 21.338 Sig Added
2022-04-05 20.291 Sig Added
2021-12-07 19.211 Sig Added
2021-12-07 19.210 Sig Added
2021-12-07 19.209 Sig Added
2021-11-23 18.201 Sig Added