Mirai Botnet - Binary Fetch Detection

high Nessus Network Monitor Plugin ID 9750

Synopsis

The remote host was observed fetching a malicious binary.

Description

The remote host seems to be infected with Mirai malware. This host was observed fetching a malicious binary for the Mirai botnet. Mirai is a linux-based botnet that primarily targets online consumer devices such as remote cameras, home routers, and DVRs. Once a system is compromised, it will download additional tools to interact with the botnet and for persistence.

Solution

There is a high probability that this device has been compromised. You should manually inspect and clean this system.

See Also

http://www.nessus.org/u?50dd1526

Plugin Details

Severity: High

ID: 9750

Family: Backdoors

Published: 11/2/2016

Updated: 11/2/2016