August 29, 2017, updated 08 Dec 2017 8:46pm

Google, Oracle Dyn and Akamai among team tackling botnet threat

Botnets pose an increasingly serious threat as connected devices are emerging at a fast and constant rate, creating a vast attack surface.

By Tom Ball

A formidable botnet called WireX, which targets Android devices to launch DDoS attacks, has been traced, with a team of high-profile members banding together to tackle the threat.

Along with Google and Akamai, Oracle Dyn, Cloudflare, Flashpoint, and RiskIQ are also contributing to the effort to take the fight to WireX.

The botnet has been found to be targeting content providers and content delivery networks. Google is at the core of this initiative because its own Play Store was found to be carrying the malicious threat.

Following this discovery, a major application exodus took place, and Google is now turning to eradicate WireX from devices.

A blog post from the consortium on the attack said: “The first available indicators of the WireX botnet appeared on August 2nd as minor attacks that went unnoticed at the time. It wasn’t discovered until researchers began searching for the 26 character User-Agent string in logs. These initial attacks were minimal and suggest that the malware was in development or in the early stages of deployment. More prolonged attacks have been identified starting on August 15th, with some events sourced from a minimum of 70,000 concurrent IP addresses, as shown in Figure 1.”

Botnets are taken extremely seriously, with memories of the notorious Mirai Botnet still haunting many. The huge influx in the use of connected devices has increased the scale and accelerated the advance of the threat.

“These discoveries were only possible due to open collaboration between DDoS targets, DDoS mitigation companies, and intelligence firms. Every player had a different piece of the puzzle; without contributions from everyone, this botnet would have remained a mystery,” the blog post continued.


This marks yet another instance in which collaboration is proving to be essential for the purpose of security, with the tactics of walls and shields surrounding an organisation relegated to the past.

The blog post concluded: “The best thing that organizations can do when under a DDoS attack is to share detailed metrics related to the attack. With this information, those of us who are empowered to dismantle these schemes can learn much more about them than would otherwise be possible.”
