Computerware

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

100 Countries Hit By Android DDoS Malware

In one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. What made WireX unusual was that the botnet was made up of Android-powered devices, each of which had downloaded one of 300 malicious apps from the Google Play Store.

How It Works
WireX was designed to bombard its targets with HTTP requests, directing as many as 20,000 requests to a target every second to use up the target’s server resources. That number of requests might not have been effective if it weren’t for where WireX directed them on the victim site. Rather than just sending 20,000 requests every second to the website as a whole, WireX would target specific pages that used more of the site’s resources. Search pages were frequently targeted for this reason.
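For defenders, the pattern described above can be looked for in web server access logs: many distinct clients hitting one expensive page within the same second. The sketch below is an added example, not part of the original article; the log format, sample lines, IP addresses and thresholds are all constructed assumptions.

```python
import re
from collections import defaultdict

# Combined-log-style line: client IP, [timestamp], "METHOD target PROTO", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST) (\S+) [^"]*" \d{3}')

def parse(line):
    """Return (timestamp, client_ip, path) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ip, ts, target = m.groups()
    # Drop the query string so /search?q=a and /search?q=b count as one page.
    return ts, ip, target.split("?", 1)[0]

def find_floods(lines, min_rps, min_clients):
    """Flag (second, path) buckets with at least min_rps requests from
    at least min_clients distinct IPs. Returns {bucket: (requests, clients)}."""
    hits = defaultdict(int)
    clients = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, ip, path = rec
        hits[(ts, path)] += 1
        clients[(ts, path)].add(ip)
    return {k: (n, len(clients[k])) for k, n in hits.items()
            if n >= min_rps and len(clients[k]) >= min_clients}

def build_sample():
    """Constructed log lines: a burst on the search page plus ordinary traffic."""
    ua = "Mozilla/5.0 (Linux; Android 7.0) Mobile"  # looks like a normal mobile browser
    fmt = ('{ip} - - [01/Jan/2020:12:00:{s:02d} +0000] '
           '"GET {p} HTTP/1.1" 200 512 "-" "{ua}"')
    lines = [fmt.format(ip=f"198.51.100.{i}", s=1, p=f"/search?q=term{i}", ua=ua)
             for i in range(1, 41)]                     # 40 clients, same second
    lines += [fmt.format(ip=f"203.0.113.{i}", s=1, p="/index.html", ua=ua)
              for i in range(1, 6)]                     # normal page views
    lines.append(fmt.format(ip="203.0.113.9", s=2, p="/search?q=shoes", ua=ua))
    return lines

if __name__ == "__main__":
    # Thresholds are illustrative; tune them to the site's normal traffic.
    for (ts, path), (n, c) in find_floods(build_sample(), 20, 10).items():
        print(f"{ts} {path}: {n} requests from {c} clients")
```

Because the check keys on the page requested and the number of clients rather than on the user agent, it still works when the traffic presents itself as an ordinary mobile browser.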

Why Is WireX So Nasty?
There are a few factors that contribute to why WireX managed to cause such a big fuss, so quickly.

First off, although WireX is an Android-powered mobile botnet, the traffic it sends to the targeted website appears to be regular mobile browser traffic. This is a problem, because most experts who focus on defending companies from DDoS attacks utilize filters that help them to sort the malicious traffic out from the legitimate traffic. This is more difficult with WireX, as it includes its own fully-functioning browser that hides its information from the targeted system.

In addition to this, WireX also uses SSL, which normally protects an Android user’s browser session, as part of its attacks. In this case, however, it only makes WireX more difficult to detect.

Defeating the DDoS
It ultimately took a team of experts from Cloudflare, Akamai, Flashpoint, Dyn, Google, Team Cymru and RiskIQ to stop WireX. The seven companies needed to pool their resources and data on WireX in order to identify it as a mobile-based attack, and then to identify the 300 malicious Google Play Store apps that delivered it. While these apps have not been named to the public, they were often media players, ringtones, or storage managers. Google has since blocked these apps from the Play Store, and has also removed them from the devices that were infected.

So, What Can You Do?
Your most effective defense against threats like WireX and other applications that sneak in malware is to simply not download applications that you don’t trust, as well as to educate employees on why they shouldn’t either. For more information on the latest threats and how you can protect yourself, call Computerware at (703) 821-8200.
