badge icon

This article was automatically translated from the original Turkish version.

Article
AI_Generated_Image_2025-08-16_493054604041201.png

Mirai Attack

Definition(s)

Malware attack that orchestrates DDoS attacks by compromising IoT devices

First Appearance Date

2016

Working Method

Exploiting devices with weak passwords to create botnets and launch DDoS attacks

Main Objectives

IoT devices (IP cameras, routers, DVR systems)

Mirai attack is a malicious software (malware) attack that targets Internet of Things (IoT) devices and converts them into a remotely controllable botnet network. First brought to public attention in 2016, Mirai specifically infected IoT devices with weak passwords and inadequate security measures, orchestrating large-scale distributed denial-of-service (DDoS) attacks.


Mirai Attack Representative Image (Generated by Artificial Intelligence.)

Emergence and Widespread Impact

The Mirai malware caused massive cyberattacks worldwide and triggered significant disruptions to internet infrastructure. It targeted IoT components such as IP cameras, routers, and DVR devices. One of the most well-known incidents was the 2016 attack on the Dyn DNS infrastructure, which rendered many popular internet services—including Twitter, Spotify, Netflix, and GitHub—unavailable for hours.

Technical Operation

The Mirai malware scans IoT devices with simple and weak passwords, compromising them using default username and password combinations. Compromised devices:

  1. Connect to a command-and-control (C&C) server.
  2. Are incorporated into a “botnet” network managed by the C&C server.
  3. Are directed by the botnet to launch DDoS attacks against specific targets.

Such attacks overwhelm the target system’s server resources, rendering its services inaccessible.

Mirai in the Context of DDoS Attacks

DDoS (Distributed Denial-of-Service) attacks rely on flooding a target with traffic from multiple sources to render it inoperable. Mirai’s danger lies in its ability to turn millions of devices into attack sources simultaneously. This has made defense against such attacks significantly more difficult and has established IoT security as one of the primary centers of cyber threats.

Security Vulnerabilities and Lessons Learned

  • Despite widespread use, most IoT devices suffer from weak security standards.
  • Default usernames and passwords provide an easy entry point for malware like Mirai.
  • This incident has highlighted the necessity for IoT device manufacturers to adopt security-focused hardware and software development.


Bibliographies

Atasever, Süreyya, İlker Özçelik, and Şeref Sağıroğlu. “Siber Terör Ve DDoS.” Süleyman Demirel Üniversitesi Fen Bilimleri Enstitüsü Dergisi 23, no. 1 (April 2019): 238–44. https://doi.org/10.19113/sdufenbed.507948.

Tok, Mevlut Serkan. “Nesnelerin Internetinde Botnetler: Mirai Zararlı Yazılımı Üzerine Bir Çalışma.” Master's thesis, TOBB ETÜ Fen Bilimleri Enstitüsü, 2019. https://doi.org/10.13140/RG.2.2.23011.50725

Author Information

Avatar
AuthorMehtap PamukDecember 1, 2025 at 10:09 AM

Tags

Discussions

No Discussion Added Yet

Start discussion for "Mirai Attack" article

View Discussions

Contents

  • Emergence and Widespread Impact

  • Technical Operation

  • Mirai in the Context of DDoS Attacks

  • Security Vulnerabilities and Lessons Learned

Ask to Küre