Let us be your IT department!
Call us Today! (703) 821-8200

Computerware

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

100 Countries Hit By Android DDoS Malware

100 Countries Hit By Android DDoS Malware

In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.

How It Works
WireX was designed to use HTTP requests to bombard their targets, directing as many as 20,000 requests to a target every second to use up the target’s server resources. This number of requests may not have been effective, if it weren’t for where WireX would direct its attack on the victim site. Rather than just sending 20,000 requests every second to the website as a whole, WireX would target specific pages that used more of the site’s resources. Search pages were frequently targeted for this reason.

Why Is WireX So Nasty?
There are a few factors that contribute to why WireX managed to cause such a big fuss, so quickly.

First off, although WireX is an Android-powered mobile botnet, the traffic it sends to the targeted website appears to be regular mobile browser traffic. This is a problem, because most experts who focus on defending companies from DDoS attacks utilize filters that help them to sort the malicious traffic out from the legitimate traffic. This is more difficult with WireX, as it includes its own fully-functioning browser that hides its information from the targeted system.

In addition to this, WireX also leverages SSL as a part of its attacks, which usually protects an Android user’s browser session. In this case, however, it only makes WireX more difficult to detect.

Defeating the DDoS
It ultimately took a team of experts from Cloudflare, Akamai, Flashpoint, Dyn, Google, Team Cymru and EiskIQ to stop WireX. The seven companies needed to pool their resources and data on WireX in order to identify it as a mobile-based attack, and then to identify the 300 malicious Google Play Store apps that delivered it. While these apps have not been named to the public, they were often media players, ringtones, or storage managers. Google has since blocked these apps from the Play Store, and has also removed them from the devices that were infected.

So, What Can You Do?
Your most effective defense against threats like WireX and other applications that sneak in malware is to simply not download applications that you don’t trust, as well as to educate employees on why they shouldn’t either. For more information on the latest threats and how you can protect yourself, call Computerware at (703) 821-8200.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 23 September 2017
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Microsoft Managed Service Provider Workplace Tips Productivity Software Business Computing Backup Hackers Data Saving Money Hardware Business Malware IT Support Email IT Services Hosted Solutions Google Quick Tips Efficiency Smartphones Gadgets Business Continuity Small Business Mobile Devices Mobile Office Disaster Recovery Virtualization Computer User Tips Server Network Microsoft Office Network Security Windows 10 Miscellaneous Upgrade VoIP Social Media Unified Threat Management Windows Mobile Device Management Innovation Smartphone Operating System WiFi Vendor Management Passwords Android BYOD Ransomware Communication Remote Computing Marketing The Internet of Things Apps Mobile Computing Firewall Remote Monitoring Managed IT services Facebook History Holiday Users Collaboration Data Management Analytics Apple Save Money Alert IT Consultant Health Big data Managed IT Services Outsourced IT Content Filtering Bring Your Own Device Office Automation Lithium-ion Battery Hard Drives Outlook Productivity Virus App Best Practice BDR Spam Going Green Windows 8 Phishing Hiring/Firing Wireless Technology Search Tech Support Employer-Employee Relationship IT Support Encryption Help Desk Budget Antivirus Managed IT Information Technology Phone System IBM Data Backup Internet of Things Printer Gmail Browser Recovery Proactive IT communications Computers Customer Service Administration Maintenance Artificial Intelligence Education Data storage Save Time Money Saving Time Running Cable SaaS Humor Bandwidth Hard Drive Word Digital Payment Black Market Risk Management Password Current Events Networking Hacker Windows 10 PowerPoint Telephone Systems Social Networking Tablet Training VPN Twitter Two-factor Authentication Wireless Securty Data Recovery Travel Website Solid State Drive iPhone Business Intelligence Flexibility Hacking Document Management Mobile Device Legal Computer Repair Office 365 Fax Server User Intranet Hosted Solution DDoS Update Government It Management Avoiding Downtime Cybercrime Chrome Router Pain Points Mobility Cortana Computer Accessories Automobile Excel Customer Relationship Management User Error Comparison Cost Management Business Growth Monitors Augmented Reality Telephony Processors Downtime How To USB Presentation Gaming Console Text Messaging YouTube Settings Company Culture Start Menu Webcam Disaster Taxes Virtual Desktop End of Support Documents Programming Uninterrupted Power Supply Heating/Cooling Law Enforcement Politics Net Neutrality Retail Experience Laptop Cloud Computing Co-managed IT Hack Trending Office Tips Lifestyle Paperless Office Statistics Sports Safety Computing Social Robot Streaming Media IT service Network Congestion Inbound Marketing Public Cloud Compliance Cybersecurity Bluetooth Business Technology Device Management Analytic LiFi Computer Malfunction Computing Infrastructure WannaCry Deep Learning Time Management Public Speaking Rental Service online Currency Memory Scam Visible Light Communication Motion Sickness Entrepreneur Wi-Fi HIPAA Touchscreen Upselling Business Managemenet Tracking Webinar Electronic Payment Flash Knowledge Mouse Advertising Web Server Google Wallet Digital Displays Websites Workers GPS IP Address Human Resources Tech Terms Unified Communications Best Practives Banking Drones Access Software as a Service Ebay Skype Samsung 3D File Sharing Language Recycling Permissions Microserver G Suite Physical Security Business Metrics Teamwork Spyware Storage Writing Pirating Information switches Tablets Adminstration PDF Data Protection Turn Key Sync cache CCTV Trojan Keyboard Chromebook Best Available Content Management Patch Management Product Reviews Google Maps Organize Domains Messenger In Internet of Things eWaste Work/Life Balance Read Cryptocurrency Corporate Profile Assessment Emails Shortcut Download Value Google Docs Books Troubleshooting Redundancy Video Surveillance IT consulting Scalability Staffing LinkedIn Environment Cleaning VoIP Saving ZTime Consultation CIO Meetings Competition Microchip Reading Archive Business Owner Regulations Project Management Debate Windows XP Cabling Private Cloud Administrator Society Micrsooft Harddrive Supercomputer Application Hacks Point of Contact Relocation Specifications Emergency Worker Machine Learning Distributed Denial of Service Identity Theft External Harddrive Thin CLient Digital Signature Google Drive Employer Employee Relationship Notifications Reliable Computing Entertainment Licensing Botnet Get More Done Virtual Reality Music Electricity Smart Phones Leadership Upgrades Printer Server Social Engineering CrashOverride 3D Printing Capital Productuvuty Vulnerability

hp supplies medallionLarge2017