The malware behind last month’s massive internet disruption in the U.S. is targeting Liberia with financially devastating results.
This week, a botnet powered by the Mirai malware has been launching distributed denial-of-service (DDoS) attacks on IP addresses in the African country, according to security researchers.
These attacks are the same kind that briefly disrupted internet access across the U.S. almost two weeks ago. They work by flooding internet connections with too much traffic, effectively forcing the services offline.
On Thursday, an employee with one Liberian mobile service provider said the attacks were taking a toll.
“The DDoS is killing our business,” he said over the phone. “We have a challenge with the DDoS. We are hoping someone can stop it.”
The employee declined to have his name published because he was not authorized to speak for his company. The attacks began a few days ago, he said, but not all Liberian internet providers were affected.
“It’s killing our revenue. Our business has been targeted frequently,” he said.
The attack on Liberia was noticed by security researcher Kevin Beaumont, who on Thursday wrote a post about the Mirai-powered botnet responsible.
This particular Mirai botnet is able to generate more than 500 Gbps of traffic, enough to seriously disrupt systems across Liberia, which already has limited internet infrastructure, he said.
“From monitoring, we can see websites hosted in country going offline during the attacks,” Beaumont added.
Hackers have been creating botnets with the Mirai malware ever since its anonymous creator released the source code on a forum in late September. About 500,000 poorly secured internet devices, including surveillance cameras and DVRs, are estimated to be infected with Mirai.
Last month’s DDoS attack in the U.S. came from 100,000 infected devices, according to DNS service provider Dyn. In addition, variants of the malware have been appearing.
It’s still unclear who is behind these DDoS attacks, but security researchers speculate they may be coming from amateur hackers running DDoS-for-hire services. These services can be bought for a fee to attack targets, such as a video game or website, for extortion purposes.
In the case of Liberia, the attacks could be hackers wanting to try out new denial-of-service techniques, Beaumont said.