The Hide and Seek IoT botnet has recently been updated by its creators to now target Android devices as well. The security analysis reveals that the newly released is even more dangerous than before. Our article sums up the changes and new damage potential.
Аndroid Devices at Risk of Hide and Seek Iot Botnet Attacks
The Hide and Seek IoT botnet has been updated to act against Android devices. The criminal collective behind its development has been observed to add new functionality in frequent incremental optimizations to the main engine. The Android infections seem to be caused not by targeting certain vulnerabilities, instead focusing on abuse of the Android Debug Bridge (ADB) option. By default this is turned off however in some cases users may want to turn it on.
The new botnet samples focus on the devices that have set the ADB option on either by default or by the users. When this function is enabled the devices are exposed as this will open a network port accessing remote connections. Malicious operators have been spotted to perform unauthenticated login attempts — using either default passwords or brute forcing the devices.
The Hide and Seek IoT botnet has been spotted to have added about 40 000 devices to its arsenal, the infected devices are mostly from China, Korea and Taiwan. Many Android devices are now part of the home infrastructure — phones, tablets, TVs and other peripherals. This is the reason why attacks using it are very regarded as critical.
The attacks also lead to the conclusion that the criminal collective behind the botnet is constantly working to update its features. The vastly increased number of infected devices is evident that the botnet is gaining momentum. Botnets are (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/hide-seek-iot-botnet-now-set-android-devices/