This article was automatically translated from the original Turkish version.
Mirai Attack
Definition(s) | Malware attack that orchestrates DDoS attacks by compromising IoT devices | ||||||||
|---|---|---|---|---|---|---|---|---|---|
First Appearance Date | 2016 | ||||||||
Working Method | Exploiting devices with weak passwords to create botnets and launch DDoS attacks | ||||||||
Main Objectives | IoT devices (IP cameras, routers, DVR systems) | ||||||||
Mirai attack is a malicious software (malware) attack that targets Internet of Things (IoT) devices and converts them into a remotely controllable botnet network. First brought to public attention in 2016, Mirai specifically infected IoT devices with weak passwords and inadequate security measures, orchestrating large-scale distributed denial-of-service (DDoS) attacks.

Mirai Attack Representative Image (Generated by Artificial Intelligence.)
The Mirai malware caused massive cyberattacks worldwide and triggered significant disruptions to internet infrastructure. It targeted IoT components such as IP cameras, routers, and DVR devices. One of the most well-known incidents was the 2016 attack on the Dyn DNS infrastructure, which rendered many popular internet services—including Twitter, Spotify, Netflix, and GitHub—unavailable for hours.
The Mirai malware scans IoT devices with simple and weak passwords, compromising them using default username and password combinations. Compromised devices:
Such attacks overwhelm the target system’s server resources, rendering its services inaccessible.
DDoS (Distributed Denial-of-Service) attacks rely on flooding a target with traffic from multiple sources to render it inoperable. Mirai’s danger lies in its ability to turn millions of devices into attack sources simultaneously. This has made defense against such attacks significantly more difficult and has established IoT security as one of the primary centers of cyber threats.
Atasever, Süreyya, İlker Özçelik, and Şeref Sağıroğlu. “Siber Terör Ve DDoS.” Süleyman Demirel Üniversitesi Fen Bilimleri Enstitüsü Dergisi 23, no. 1 (April 2019): 238–44. https://doi.org/10.19113/sdufenbed.507948.
Tok, Mevlut Serkan. “Nesnelerin Internetinde Botnetler: Mirai Zararlı Yazılımı Üzerine Bir Çalışma.” Master's thesis, TOBB ETÜ Fen Bilimleri Enstitüsü, 2019. https://doi.org/10.13140/RG.2.2.23011.50725
Mirai Attack
Definition(s) | Malware attack that orchestrates DDoS attacks by compromising IoT devices | ||||||||
|---|---|---|---|---|---|---|---|---|---|
First Appearance Date | 2016 | ||||||||
Working Method | Exploiting devices with weak passwords to create botnets and launch DDoS attacks | ||||||||
Main Objectives | IoT devices (IP cameras, routers, DVR systems) | ||||||||
Emergence and Widespread Impact
Technical Operation
Mirai in the Context of DDoS Attacks
Security Vulnerabilities and Lessons Learned