WireX botnet took control of android devices through malicious apps.
Botnets on computers are old hat. Last year we saw IP cameras and DVR recorders taken over by a botnet that took down a significant portion of the internet. A new botnet was found working behind the scenes within android phones. This android botnet enslaved phones via malicious apps, 300 of which were found within the Google Play Store.
The malicious apps were disguised as media players, storage managers, and ringtone apps. Once installed, the apps would utilize the device running in the background and would be included in the botnet even when the device was not in use. Security researchers found the botnet early, when it was only controlling around 120,000 IP addresses across 100 countries. Botnets are a network of devices infected with malicious software that allows the botnet’s controllers to utilize the devices in various ways. The most common way is to utilize the devices to commit DDoS attacks. At WireX’s peak strength it was able to send as many as 20,000 HTTP requests per second. While that sounds impressive, it’s actually a small attack when dealing with botnets.
Once the botnet was identified, Cloudflare, Akamai, Flashpoint, Google, Dyn, RiskIQ, and Team Cymru quickly worked together to block the botnets. Google also removed the infected apps from the app store and are able to utilize it’s new Android Secure software to rid users of the malicious acts.
Botnets have proven to be a real threat to our digital lives, and we know now that nearly any internet connected device can be utilized to create botnets. It’s nice to see that this newest threat was caught and controlled so early. It’s even nicer to know that security is truly becoming a focus. We all knew the world would eventually follow BlackBerry in to this category, and while it is happening quite slowly, at least it is happening.