CATEGORIES
home News

Mirai IoT DDoS Botnet Source Code Reveals Specific Targeting Of Valve Source Engine Games On Steam

by Brandon HillMonday, October 03, 2016, 02:57 PM EDT
left4dead2
Earlier this morning, we reported on the troubling news that the source code for the Mirai IoT DDoS botnet is now out in the open. If you recall, Miari is the botnet that was able to flood KrebsOnSecurity with 620 gigabits per second of traffic using a horde of zombie IoT devices (the attack was so devastating that Akamai cancelled its pro bono hosting arrangement with Brian Krebs).

However, with Mirai source code now out for anyone to take advantage of, we may be seeing even more wide-scale DDoS attacks taking place in the future. And while KrebsOnSecurity might not exactly be a site that you have frequented in the past, Miari has the potential to cripple some big name properties. As Hans Gruber exclaimed, “Sooner or later, I might get to someone you do care about!”

Thomas Pore, Director of IT and Services for Plixer, has already examined the source code for Mirai and has detailed the for-hire nature of the botnet and the payment schemes that its author, anna-senpai, used to catalog customers. “Mirai is capable of multiple attack vectors including but not limited to UDP, DNS and HTTP floods, as well as GRE IP and Ethernet floods,” said Pore, who went on to add, “additionally a listener is hardcoded for TCP/48101, administrators should block or monitor for traffic on TCP/48101 although as new variants pop up, this pop is likely to change.”

ddos

Perhaps most troubling for gamers is that Valve’s Source Engine appears to be a potential target for future attacks. Pore says that “there is also an option for Valve Source Engine (VSE) floods meant to attack games using the Valve game engine.”

That definitely doesn’t sound good for gamers. Pore goes on to write:

The Valve Source Engine flood is a UDP (amplification) attack used to consume available resources against a server. The attack is designed to send TSource Engine Query requests to a gaming server, so many requests that server cannot process all of them and creates a denial of the gaming service. This type of attack is geared specifically to a gamers market. Since Mirai is designed as a service, it is appealing for gamers to create lag or outages for either a competitive advantage, rivalry, or revenge.

The ability for such DDoS attacks to proliferate with seemingly innocuous hardware is incredibly troubling. While we though that the KrebsOnSecurity attack was insane, a similar attack using 152,000 IoT devices was able to inundate French hosting provider OVH with nearly 1 Tbps per second of traffic.

With Mirai now on the loose, everyone should be taking shelter from the possible fallout.

Tags:  Valve, botnet, IoT, krebsonsecurity, mirai, source engine
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment