Port 22

Keeping a Hidden Identity: Mirai C&Cs in Tor Network

We found new samples of Mirai targeting IP cameras and DVRs with exposed ports and default credentials. Like its predecessors, it allows attackers remote access and the use of infected devices to form a botnet for DDoS attacks. However, the C&Cs were traced back to the Tor network, keeping the cybercriminals’ identities anonymous and protecting the servers from being shut down despite discovery.

The post Keeping a Hidden Identity: Mirai C&Cs in Tor Network appeared first on .