Computerware

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

100 Countries Hit By Android DDoS Malware

In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. What made WireX unusual was that the botnet was made up of Android-powered devices, each of which had downloaded one of 300 malicious apps from the Google Play Store.

How It Works
WireX was designed to bombard its targets with HTTP requests, directing as many as 20,000 requests to a target every second to use up the target’s server resources. That number of requests might not have been effective if it weren’t for where WireX directed its attack on the victim site. Rather than just sending 20,000 requests every second to the website as a whole, WireX would target specific pages that used more of the site’s resources. Search pages were frequently targeted for this reason.

Why Is WireX So Nasty?
There are a few factors that contribute to why WireX managed to cause such a big fuss, so quickly.

First off, although WireX is an Android-powered mobile botnet, the traffic it sends to the targeted website appears to be regular mobile browser traffic. This is a problem, because most experts who focus on defending companies from DDoS attacks utilize filters that help them to sort the malicious traffic out from the legitimate traffic. This is more difficult with WireX, as it includes its own fully-functioning browser that hides its information from the targeted system.

In addition to this, WireX also leverages SSL as a part of its attacks, which usually protects an Android user’s browser session. In this case, however, it only makes WireX more difficult to detect.
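Because each request looks like ordinary mobile browser traffic, one way to spot this pattern is to aggregate the web server's access log by path and second instead of filtering on the User-Agent. The sketch below is an added example, not part of the original article; the log lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Common/combined log format: client IP, timestamp (1 s resolution), request line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)

def hot_paths(lines, min_requests=20, min_clients=10):
    """Return [(timestamp, path, requests, distinct_clients)] for every
    one-second bucket in which one path is hit by many distinct clients.
    Thresholds are illustrative assumptions; tune them to the site's baseline."""
    hits = defaultdict(int)
    clients = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines
        # Drop the query string so /search?q=a and /search?q=b count as one page.
        path = urlsplit(m["target"]).path
        key = (m["ts"], path)
        hits[key] += 1
        clients[key].add(m["ip"])
    flagged = [
        (ts, path, n, len(clients[(ts, path)]))
        for (ts, path), n in hits.items()
        if n >= min_requests and len(clients[(ts, path)]) >= min_clients
    ]
    return sorted(flagged, key=lambda row: row[2], reverse=True)

def constructed_sample():
    """Constructed log lines: 40 clients hit /search in one second, plus normal traffic."""
    ua = "Mozilla/5.0 (Linux; Android 7.0) AppleWebKit/537.36 Chrome/60.0 Mobile Safari/537.36"
    fmt = '{ip} - - [{ts}] "GET {target} HTTP/1.1" 200 512 "-" "{ua}"'
    ts = "17/Aug/2017:10:00:01 +0000"  # constructed timestamp
    lines = [fmt.format(ip=f"198.51.100.{i}", ts=ts, target=f"/search?q=term{i}", ua=ua)
             for i in range(1, 41)]
    normal = ["/", "/about", "/contact", "/search?q=shoes"]
    lines += [fmt.format(ip=f"203.0.113.{i}", ts=ts, target=p, ua=ua)
              for i, p in enumerate(normal, 1)]
    return lines

if __name__ == "__main__":
    for row in hot_paths(constructed_sample()):
        print(row)
```

Every sample line carries the same plausible Android User-Agent, so only the per-path concentration across many source addresses separates the flood from the four ordinary requests.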

Defeating the DDoS
It ultimately took a team of experts from Cloudflare, Akamai, Flashpoint, Dyn, Google, Team Cymru and RiskIQ to stop WireX. The seven companies needed to pool their resources and data on WireX in order to identify it as a mobile-based attack, and then to identify the 300 malicious Google Play Store apps that delivered it. While these apps have not been named to the public, they were often media players, ringtones, or storage managers. Google has since blocked these apps from the Play Store, and has also removed them from the devices that were infected.

So, What Can You Do?
Your most effective defense against threats like WireX and other applications that sneak in malware is to simply not download applications that you don’t trust, as well as to educate employees on why they shouldn’t either. For more information on the latest threats and how you can protect yourself, call Computerware at (703) 821-8200.
