APT / THREAT GROUP

Mirai

4
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.

Threat Analysis

Mirai is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Intelligence Reports Mentioning Mirai

External References

Quick Facts

TypeAPT / Threat Group
Aliases4

Also Known As

Katanawin.miraiMiraielf.mirai

External Intelligence

Malpedia: win.mirai

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
Mirai — APT / Threat Group | Threat Intelligence | CTIWATCH.COM