This story is over 5 years old.


Internet of Things Malware Has Apparently Reached Almost All Countries on Earth

Almost all countries on earth now have Internet of Things devices infected with Mirai.
Image: zeevveez/Flickr

The malware that powered one of the worst denial of service cyberattacks of the last few years has infected internet-connected devices all over the world, reaching as many as 177 countries, according to security researchers.

At the beginning of this month, a cybercriminal released the source code of the malware that powered one of the worst-ever zombie armies, or botnet, made of Internet of Things. The release of the malware, known as Mirai, gave cybercriminals with minimal skills a new tool to launch cyberattacks. It also gave internet defenders and security researchers a way track down the bad guys' activities and map their armies of hacked devices.


Read more: We Need to Save the Internet from the Internet of Things

Imperva, a company that provides protection to websites against Distributed Denial of Service (DDoS) attacks, is among the ones who have been busy investigating Mirai. According to their tally, the botnet made of Mirai-infected devices has reached a total of 164 countries. A pseudonymous researcher that goes by the name MalwareTech has also been mapping Mirai, and according to his tally, the total is even higher, at 177 countries.

A map that shows the location of Mirai-infected devices. (Image: Imperva)

"Most indiscriminately spread malware will show up allover the globe," MalwareTech said in a Twitter message.

Mirai was used to build a botnet that hit the website of security journalist Brian Krebs with a large DDoS attack last month. A hacker who goes by the name Anna-senpai released the source code of the malware at the beginning of October, but it's unclear who really is behind it.

Mirai isn't really a fancy piece of malware, but it's effective and spreads quickly because it targets Internet of Things (IoT) devices that are extremely easy to hack. These devices, mostly DVRs and surveillance cameras, use default and predictable passwords, such as "admin" and "123456", "root" and "password," or "guest" and "guest," among others.

Thanks to these shitty passwords, and the Mirai malware, the Internet of (hackable) Things has truly gone global.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.