WireX DDoS Botnet, you check your phone???

in #tech7 years ago

WireX DDoS Botnet: tens of thousands of Android phones hacked


A group of security researchers from a number of security companies have discovered a new botnet with a wide network of tens of thousands of Android phones.

Named WireX and discovered under the name Android Clicker, the botnet network consists of infected Android devices running one of hundreds of malicious applications installed from the Google Play Store. It is designed to perform DDoS attack on the application layer.

Researchers from various technology and security companies, including Akamai, CloudFlare, Flashpoint, Google, Oracle Dyn, RishIQ, and Team Cymru, have uncovered a string of network attacks earlier this month. And fight together with them.

Although the malware on Android is quite popular today, but this new discovery is much more complex. Despite their rivals, these companies also shared information and jointly lowered the botnet. WireX was used to attack DDoS earlier this month, but since mid-August, attacks have been on the rise.

Currently, the WireX botnet has infected more than 120,000 Android machines and peaked at the beginning of this month. On August 17th, researchers noticed a widespread DDoS attack (mainly HTTP GET requests) that originated in more than 70,000 poisoned mobile devices from more than 100 countries.

If your website has been hacked with DDoS, check the User-Agent string to see if it has joined the WireX botnet

After the investigation, researchers discovered more than 300 poisoned apps on the official Google Play Store, forged multimedia files, video players, ringtones, memory management tools, Application ... contains WireX malicious code.

Like many other poisonous applications, WireX infected applications do not execute immediately after installation to avoid detection. They wait for commands from C&C servers located in many subclasses of axclick.store.

Google has detected and blocked nearly 300 of these applications, mostly loaded by users in Russia, China and other Asian countries. However. The WireX botnet is still small-scale.

If your device is running Android with a new version of Google Play Protect, WireX applications will automatically be removed from the device. This is a new security feature that uses the machine learning method and scales application usage to remove (uninstall) an infected application.

Source: https://quantrimang.com

Sort:  

@OriginalWorks Mention Bot activated by @supriya1993. The @OriginalWorks bot has determined this post by @duytruongnguyen to be original material and upvoted it!

OW2.gif

To call @OriginalWorks, simply reply to any post with @originalworks or !originalworks in your message!

For more information, Click Here!

Thats malware ,,,

Congratulations @duytruongnguyen! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes received

Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

By upvoting this notification, you can help all Steemit users. Learn how here!

Very useful post.

Coin Marketplace

STEEM 0.19
TRX 0.24
JST 0.037
BTC 96612.01
ETH 3387.37
USDT 1.00
SBD 3.05