August 29, 2017

DDoS Attacks Blamed on Mirai-Style Botnet of 70,000 Android Devices

Researchers from a number of cybersecurity giants are banding together to fight a vast botnet comprised of some 70,000 devices blamed for a string of DDoS attacks in recent weeks.

Drawing striking parallels to last year’s Mirai botnet attacks, the new WireX botnet has, in recent weeks, pummeled a number of content providers and delivery networks with traffic from hijacked Android devices. Content delivery giant Akamai discovered the botnet malware after researching an attack on one of its clients. Upon closer inspection, WireX was revealed to be using a network of malware-infected devices to inundate targets with HTTP requests purporting to be legitimate traffic. The key difference is that Mirai used compromised IoT and networking devices, whereas WireX has assembled a botnet of at least 70,000 Android devices from over 100 countries, according to cybersecurity journalist Brian Krebs.

Although WireX was active from August 2, the majority of the attacks did not begin until August 15, and the botnet eventually triggered red flags within the cybersecurity community on August 17.

“These discoveries were only possible due to open collaboration between DDoS targets, DDoS mitigation companies, and intelligence firms,” wrote Akamai. “Every player had a different piece of the puzzle; without contributions from everyone, this botnet would have remained a mystery.”

After looking into the DDoS botnet malware targeting devices on its Android platform, Google discovered hundreds of seemingly benign apps on its Play Store spreading the malware and infecting victims’ Android devices.

In a statement, Google revealed:

We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices. The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.

Some of the rogue apps spreading the malware were discovered to be masquerading as legitimate applications including ringtone apps, video players, storage managers and more.

The FBI was also involved in the investigation into the botnet, which is now being curbed and eradicated.

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
