Tag Archive for: blows

Security Report Blows The Whistle On A Massive Android TV Botnet Campaign


security report blows the whistle on a massive android tv botnet campaign

Botnet activities are usually sniffed out and found fairly routinely, but it seems that a previously unknown cybercrime gang named Bigpanzi has been laying low and getting away with it. New reports suggest that this gang has amassed a 170,000-device-strong botnet since 2015, developing along with it an admittedly impressively vast infrastructure network.

This week, researchers out of Qianxin Xlabs, a Chinese research group, published a report on the threat group Bigpanzi. This discovery began with the finding of a virus sample called pandoraspear, which contained nine hardcoded C2 domain names. Two of these domain names were expired, so the researchers elected to register the domains and determine the botnet’s size. This allowed them to find that the network had 170,000 daily active bots which are primarily based out of Brazil.

apps security report blows the whistle on a massive android tv botnet campaign
Examples of some of the sites for the malicious apps.

While the Bigpanzi gang went after the researchers after they made this discovery, the investigation continued. This allowed them to find several download scripts and other information, further revealing the threat actor group’s infrastructure and motives. Namely, it is noted that the group “primarily targets Android OS TVs and set-top boxes, as well as eCos OS set-top boxes.” This is based on getting users to install apps or updates to gain control of the systems rather than relying on leveraging vulnerabilities.

map security report blows the whistle on a massive android tv botnet campaign

Beyond standard botnet activities like distributed denial-of-service (DDoS), this network can “disseminate any form of visual or audio content, unbound by legal constraints.” The concern is that the botnet could “broadcast violent, terroristic, or pornographic content, or to employ increasingly convincing AI-generated videos for political propaganda, poses a significant threat to social order and stability.”

How this group operates and its potential capabilities are rather interesting, as this is something that has yet to be seen. Further, it is fascinating that they have been able to lay low for so long without discovery while being so widespread. You can see the full coverage of the group on the Xlabs site, but perhaps the key takeaway is that one should not just install…

Source…

John Oliver blows up the myth of hack-proof iPhones with hilarious ad mocking Apple

On HBO’s Last Week Tonight, host John Oliver delved into the tricky subject of data encryption that has the FBI butting heads with Apple. The host touched on the slippery slope of the Justice Department’s efforts to have Apple create a program that …
mac hacker – read more

Invasive phone tracking: New SS7 research blows the lid off mobile security – ZDNet


ZDNet

Invasive phone tracking: New SS7 research blows the lid off mobile security
ZDNet
Hacker conference Chaos Communication Congress 31c3 is under way in Hamburg, Germany right now where a cluster of SS7 talks have revealed the ease of invasive cell phone surveillance. Three groundbreaking research presentations and live …

and more »

“mobile security” – read more