100 Countries Hit By Android DDoS Malware

In one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. What made WireX unique was that the botnet consisted of Android-powered devices that had downloaded one of 300 malicious apps from the Google Play Store.

How It Works
WireX was designed to bombard its targets with HTTP requests, directing as many as 20,000 requests at a target every second to use up the target’s server resources. That number of requests might not have been effective were it not for where WireX directed its attack on the victim site. Rather than just sending 20,000 requests every second to the website as a whole, WireX would target specific pages that used more of the site’s resources. Search pages were frequently targeted for this reason.

Why Is WireX So Nasty?
There are a few factors that contribute to why WireX managed to cause such a big fuss, so quickly.

First off, although WireX is an Android-powered mobile botnet, the traffic it sends to the targeted website appears to be regular mobile browser traffic. This is a problem, because most experts who focus on defending companies from DDoS attacks utilize filters that help them to sort the malicious traffic out from the legitimate traffic. This is more difficult with WireX, as it includes its own fully-functioning browser that hides its information from the targeted system.

In addition to this, WireX also leverages SSL as a part of its attacks, which usually protects an Android user’s browser session. In this case, however, it only makes WireX more difficult to detect.
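Because each bot looks like an ordinary mobile browser and the load is spread over many addresses, a defender has to look at where the requests land rather than who sends them. The sketch below is an added example, not code from the WireX investigation: it flags any page that receives a high aggregate request rate from many individually quiet clients. The log format, thresholds, function names and sample traffic are all constructed for illustration and scaled far below the 20,000 requests per second mentioned above.

```python
from collections import defaultdict

def parse_line(line):
    """Parse a constructed log format: 'epoch_seconds client_ip method target'."""
    ts, ip, _method, target = line.split()
    # Drop the query string so /search?q=a and /search?q=b count as one page.
    return int(ts), ip, target.split("?", 1)[0]

def flag_hot_paths(lines, window=10, min_rate=50.0, min_sources=100,
                   max_per_source=5.0):
    """Flag (window_start, path) pairs with a high aggregate request rate that
    is spread over many clients, each of which stays individually quiet.
    Thresholds are illustrative assumptions, not tuned values."""
    buckets = defaultdict(lambda: defaultdict(int))
    for line in lines:
        ts, ip, path = parse_line(line)
        buckets[(ts - ts % window, path)][ip] += 1
    alerts = {}
    for key, per_ip in buckets.items():
        total = sum(per_ip.values())
        rate = total / window
        if (rate >= min_rate and len(per_ip) >= min_sources
                and total / len(per_ip) <= max_per_source):
            alerts[key] = (rate, len(per_ip))
    return alerts

def build_sample():
    """Constructed traffic: ordinary browsing, one noisy single client, and a
    distributed burst against the search page."""
    lines = []
    for i in range(40):  # ordinary visitors, one page view each
        lines.append(f"{1000 + i % 10} 198.51.100.{i} GET /products/{i}")
    for i in range(700):  # one client hammering /export: a per-IP limit catches this
        lines.append(f"{1010 + i % 10} 192.0.2.9 GET /export")
    for i in range(300):  # 300 sources, 2 requests each: every IP looks harmless
        ip = f"10.{i // 250}.{i % 250}.7"
        lines.append(f"{1000 + i % 10} {ip} GET /search?q=term{i}")
        lines.append(f"{1000 + (i + 3) % 10} {ip} GET /search?q=again{i}")
    return lines

if __name__ == "__main__":
    for (start, path), (rate, sources) in flag_hot_paths(build_sample()).items():
        print(f"window {start}: {path} at {rate:.0f} req/s from {sources} sources")
```

Only the search page is flagged: the single noisy client on `/export` has a higher rate but one source, which a conventional per-IP limit already handles.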

Defeating the DDoS
It ultimately took a team of experts from Cloudflare, Akamai, Flashpoint, Dyn, Google, Team Cymru and RiskIQ to stop WireX. The seven companies needed to pool their resources and data on WireX in order to identify it as a mobile-based attack, and then to identify the 300 malicious Google Play Store apps that delivered it. While these apps have not been named to the public, they were often media players, ringtones, or storage managers. Google has since blocked these apps from the Play Store, and has also removed them from the devices that were infected.

So, What Can You Do?
Your most effective defense against threats like WireX and other applications that sneak in malware is to simply not download applications that you don’t trust, as well as to educate employees on why they shouldn’t either. For more information on the latest threats and how you can protect yourself, call Computerware at (703) 821-8200.

Friday, 25 May 2018
