The WireX Botnet warning Bulletin-vulnerability warning-the black bar safety net

2017-08-29T00:00:00
ID MYHACK58:62201788925
Type myhack58
Reporter 佚名
Modified 2017-08-29T00:00:00

Description

2017 8 May 17, named WireX BotNet the botnet by masquerading ordinary Android applications the way a large number of infected Android devices and launched a large-scaleDDoSattack, this caused a portion of the CDN provider's note, and thereafter from Akamai, Cloudflare, Dragon Age, Google, Oracle Dyn, RiskIQ, Team Cymru and other organizations for the event analysis, and on 8 March 28 release of the event Safety report. The safety report analysis shows that, the attacker may be from 7 in mid-May(possible earlier)start the formation of WireX BotNet, and by the small scale of the attack the victim network to profit. 8 month 7 days, the WireX BotNet began to flow more longer duration of theDDoSattack. From 8 January to 15 January, the WireX-inducedDDoSevent from at least 7 million unique IP addresses. 8 on 17 September to attack the data analysis shows that from more than 100 countries, the device is infected by WireX BotNet is. ! WireX BotNet source IP trends WireX BotNet mainly disguise with a great temptation and concealment of video player, ringtones, file Manager and other harmless applications, which had been found about 300 species of different mobile applications is dispersed in the Google Play Store. Now Google removed the affected apps, and start from all devices remove the malicious application, but it is unclear specifically how many Android devices are WireX infection. Currently, 360 mobile guards, 360 security guards and 360 mobile Assistant, the product has been able to accurately WireX BotNet killing, the technical level the analysis reported in reference 3 to determine the domestic more than 100 WireX BotNet related malicious Android applications. Please use the Android device user and the associated Android application market as soon as possible be related to the killing. 0x01 impact analysis Event level: the larger Infected with the Google Play Store and the part of the Android application market, there may be tens of thousands of Android devices affected. 0x02 treatment recommendations 1, suggest Android users install 360 mobile guards and other effective Endpoint Protection application for protection; 2, advice the Android app market for the stock and the submission of the application security scan on the frame; 0x03 timeline 2017-8-28 event disclosure 2017-8-29 360 beacon laboratory and 360NetLab for WireX technical analysis 2017-8-29 360CERT published early warning Bulletin