Become a fan of Slashdot on Facebook


Forgot your password?
Android Botnet Security Businesses Privacy Software Hardware

Tech Firms Team Up To Take Down 'WireX' Android DDoS Botnet ( 29

An anonymous reader quotes a report from Krebs On Security: A half dozen technology and security companies -- some of them competitors -- issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle "WireX," an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks. Experts involved in the takedown warn that WireX marks the emergence of a new class of attack tools that are more challenging to defend against and thus require broader industry cooperation to defeat. News of WireX's emergence first surfaced August 2, 2017, when a modest collection of hacked Android devices was first spotted conducting some fairly small online attacks. Less than two weeks later, however, the number of infected Android devices enslaved by WireX had ballooned to the tens of thousands. Experts tracking the attacks soon zeroed in on the malware that powers WireX: Approximately 300 different mobile apps scattered across Google's Play store that were mimicking seemingly innocuous programs, including video players, ringtones or simple tools such as file managers.

Experts involved in the takedown say it's not clear exactly how many Android devices may have been infected with WireX, in part because only a fraction of the overall infected systems were able to attack a target at any given time. Devices that were powered off would not attack, but those that were turned on with the device's screen locked could still carry on attacks in the background, they found. The identical press release that Akamai and other firms involved in the WireX takedown agreed to publish says the botnet infected a minimum of 70,000 Android systems, but Seaman says that figure is conservative.

This discussion has been archived. No new comments can be posted.

Tech Firms Team Up To Take Down 'WireX' Android DDoS Botnet

Comments Filter:
  • Another day, another Android security mess. Oh, and look, it comes straight from the Google Play store, again.
    • by Anonymous Coward

      To be fair, this doesn't seem to be an Android exploit as much as malware hidden in the lgexin library. Malware which probably looks to the system like an app just sending out lots of data -- nothing that compromises the device itself (except maybe some battery life). It's something better suited for an antivirus app to find*.

      It seems unfair to me to act as though it's the OS itself with the issue. I'd say Android actually has a lot of good security hardening measures in it as of 7.0: https://source.andr

  • Android is currently more or less a disaster in terms of updates and security fixes. To people used to "apt-get upgrade" and "unattended-upgrades", the situation is laughable - you buy a phone and you know from the start you will get (maybe) one update to the next version of the OS - if you're lucky. After that, you're left in eternal limbo - an easy target for exploits and all sorts of malware.

    Android Treble [] may finally help with this disaster - but for now, those of you that can, should try LineageOS.

"Pull the wool over your own eyes!" -- J.R. "Bob" Dobbs