Pages

Sunday, January 28, 2018

WireX botnet: How did it use infected Android apps?

WireX was recently taken down by a supergroup of collaborating researchers from Akamai Technologies, Cloudflare, Flashpoint, Google, Oracle, RiskIQ and Team Cymru. This group worked together to eliminate the threat of WireX and, in doing so, brought together opposing security vendors to work toward a common goal.

The WireX botnet was a growing menace, and it was taken down swiftly and collectively. We're starting to see this happen more often, and this was a great example of what the security community can do when information is shared.

The WireX botnet was an Android-based threat that consisted of over 300 different infected apps found in the Google Play Store. The botnet started ramping up application-based distributed denial-of-service (DDoS) attacks that were able to continually launch, even if the app wasn't in use.

The WireX botnet is assumed to have been created for use in click fraud to make money off of advertising fraud, but quickly seemed to move toward the DDoS route after it gained a large enough botnet. The WireX botnet itself is estimated at 70,000 endpoints, but some researchers think it might be larger. Due to the fluid nature of the mobile device endpoints, the IP addresses from these systems are likely to change as a user moves geographically.

The researchers were able to work together and share data on the attacks they were seeing and piece together their intelligence to get a complete story. By sharing details on a peculiar DDoS attack against a particular customer with this collective group, the teams were able to identify the source of the attack as malicious Android apps. After determining the source, they were then able to reverse engineer the apps, find the command-and-control servers, and remove them. The group worked with service providers to assist with cleaning the networks and with Google to remove the infected apps.

Security groups are now coming together more frequently to help defeat large attacks on the internet. Previously, we saw a very competitive industry -- and there are still some others that don't play nice – but, in general, it's encouraging to watch competitors team up and work together to stop attacks for the common good and not for a marketing scheme.

Security groups are now coming together more frequently to help defeat large attacks on the internet.
This has to do directly with the larger attacks, such as Mirai and NotPetya, which have recently attacked the internet on a global scale. Many of the same vendors that worked together on the WireX removal were also involved with teaming up on the Mirai and NotPetya attacks.

At this point, vendors are working together to protect themselves and their customers, since all botnets must be addressed; however, they are also working with each other because it allows for a clearer look into these threats and, thus, remediation is quickened.

We saw from the internet of things attacks with Mirai botnet just how devastating a DDoS attack can be on the internet, so when a similar Android botnet was ramping up on mobile devices, it was in everyone's best interest to act quickly. The lesson to remove a threat as a team before it reaches the strength of something like Mirai was learned and taken into consideration with the WireX botnet.

My article at: http://searchsecurity.techtarget.com/answer/WireX-botnet-How-did-it-use-infected-Android-apps

21 comments:

  1. TreasureBox is operated by a group of young, passionate, and ambitious people that are working diligently towards the same goal - make your every dollar count, as we believe you deserve something better.
    Check out the best
    sofa bed
    shoe rack nz

    ReplyDelete

  2. تعد الاول افضل شركة غسيل خزانات بالمدينة المنورة تعمل على استخدام افضل ادوات تنظيف وتعقيم خزانات المياه

    ReplyDelete
  3. The engineers need to remember explicit highlights for the application to cause it to convey ideal client experience by exploiting these new highlights. Bulk SMS Service Provider in Sharjah UAE

    ReplyDelete
  4. Really Awesome Work. Thanks for sharing this information. You should also Download Game Killer iOS

    ReplyDelete
  5. I also wrote an article on a similar subject will find it at write what you think. android app reviews online

    ReplyDelete
  6. Life insurance is necessary that is why i always make sure that i get a reputable insurance company;; electronic components uk

    ReplyDelete
  7. This comment has been removed by the author.

    ReplyDelete
  8. This comment has been removed by the author.

    ReplyDelete
  9. I am enjoying the photos of the galleries with the total of the all updates on the photos that have taken randomly there. Actually on those types of the meetings rare to take in that wills corporations of the random series. online flight ticket booking

    ReplyDelete
  10. Certainly with your thoughts here and that i love your blog! I’ve bookmarked it making sure that I can come back & read more in the foreseeable future. phone mockup

    ReplyDelete
  11. Some really marvelous work on behalf of the owner of this web site , dead great subject matter. device mockup

    ReplyDelete
  12. I truly enjoy examining on this website , it has good content . ipad mockups

    ReplyDelete
  13. I’ve been exploring for a little bit for any high-quality articles or blog posts in this kind of house . Exploring in Yahoo I ultimately stumbled upon this website. Reading this info So i am glad to show that I have an incredibly good uncanny feeling I found out just what I needed. I such a lot indubitably will make certain to do not disregard this website and give it a look on a constant. ipad device template

    ReplyDelete
  14. I like this blog so much, saved to my bookmarks . ipad sketch

    ReplyDelete
  15. In the World of Digital Technology, Android Game is one of the Best OS in Mobiles World. Subway Surfers MOD APK is now the best game.
    Subway SurfersMODApks

    ReplyDelete
  16. I really appreciate this wonderful post that you have provided for us. I feel strongly that love and read more on this topic. I have spent a lot of my spare time reading your content. Thank you a lot.메이저놀이터

    ReplyDelete
  17. My brother recommended I may like this web site. He was entirely right. This publish actually made my day. You can not consider just how so much time I had spent for this information! Thank you! android phone template

    ReplyDelete
  18. Nice post. I learn something more challenging on distinct blogs everyday. It will always be stimulating to read content off their writers and practice a little something from their store. I’d choose to use some with all the content in my small weblog whether you do not mind. Natually I’ll provide a link on your own internet weblog. Many thanks sharing. android mockups

    ReplyDelete
  19. You made some good points there. I did a search on the topic and found most people will agree with your blog. mockup phone

    ReplyDelete