Yet another Mirai fork that kills other bots on sight

Oct 26, 2018 16:08 GMT  ·  By

Following the public release of multiple botnets' source code, botnet building is now just a matter of copy-pasting code or using a botnet builder tool. 

Taking this into consideration, it's no surprise that security researchers detect more and more forks and copycats of highly efficient and very dangerous botnets such as Mirai.

One of them is the Bushido botnet which, as FortiGuard Labs team reports, was first detected on September 17 and it is a built using a lot of code from Mirai's leaked source code.

Although an obvious fork of Mirai, the Bushido botnet comes with a number of extra exploit tools to target new vulnerabilities such as remote command injections, auth bypasses, and arbitrary command execution in multiple router models.

Furthermore, Bushido also uses a different set of user/passwords combinations which enables it to target devices not yet in the crosshairs of other Mirai forks.

Mirai forks with very little modifications can be used by crooks to build huge botnets that can do a lot of damage in very little time

While based on Mirai, Bushido comes with three new DDoS attack options that, unsurprisingly, might also be borrowed from the leaked source code of another Mirai fork dubbed Owari.

Bushido's most exciting behavior is its enduring interest in hunting down other bots running on machines it manages to compromise and obliterating them out of existence by killing them on sight.

This Mirai variant is already being monetized seeing that is now available under a rent business model as a DDoS tool, also known as DDoS-for-hire service, called “0x-booter.”

0x-booter is also a copy pasted development job given that it is also based on another project, an open source booter called Ninjaboot more than obvious choice seeing that its source code was also leaked on a number of hacking forums just like Mirai's.

Moreover, 0x-booter allows its clients to control a botnet of 16k compromised devices with a bandwidth of around 420 GB/s ready to bring down most websites to their knees. The botnet can be hired using monthly subscription packages with prices going from $20 to $150.

Photo Gallery (5 Images)

0x-booter's control dashboard
0x-booter launch announcement0x-booter's control dashboard
+2more