Mirai Botnet Is The Culprit Of Yesterday’s DynDNS Outage

The Massive DDoS attacks which shut down the DynDNS services all day yesterday were executed through the Mirai botnet. It was evident from the start that the number of devices flooding the platform’s servers went far beyond just computers. Internet of Things devices, smartphones, and other types of internet-connected machines were all part of this attack. It is rather interesting to see the Mirai botnet play a role in this scenario, even though the source code was made public not too long ago.

No Device Is Safe From The Mirai Botnet

Even though the Mirai developers published the source code on the Internet a few weeks ago, no one expected such a major DDoS attack to take place. This code can be used to infect all kinds of devices, including CCTV cameras and DVRs, which is part of the reason why the Dyn servers were overwhelmed with traffic in quick succession.

Further research into this attack unveiled that multiple signs are pointing to the usage of the Mirai botnet code. While it is unclear if this is the original botnet or a newly created army of enslaved machines, the result remains the same. It took Dyn several hours to restore services, which caused outages for platforms such as Twitter, Netflix, and even major news sites.


According to Dale Drew, anywhere between 50,000 and 100,000 infected devices took part in this DDoS attack. That is quite a significant number, which shows the potential this source code holds. Mirai, however, was not the only botnet partaking in this attack, even though it represented the majority of network traffic.

The first Dyn DDoS attack lasted for a full two hours and targeted data centers in Chicago, Washington, and New York. This explains why primarily East Coast users had problems accessing their favorite servers, while the rest of the world remained unaffected. When the second attack occurred, however, a total of 20 Dyn data centers around the world were targeted at the same time.

While these attacks were underway, a tough decision had to be made by internet backbone providers. Level 3, for example, cut off the connection to Dyn at one point to ensure that these attacks would not affect their network  That connection was later on restored once Dyn alerted the world that everything had returned to normal again.

Unfortunately, it seems that this was a mere test to showcase what the Mirai botnet is capable of. With the source code being made publicly available, it is very easy to distribute this malware and create new botnets. The future of Internet security is in peril, and it looks like this was only a sign of what is yet to come.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.