The IBM study found that future botnet propagation or affect bitcoin mining process
A recent study found that the enterprise networking (IoT), the future evolution of the botnet has been in some private and public computer to install illegal bitcoin mining code.
This botnet is used, some of the largest known distributed denial of service (DDoS) attacks, such as the deletion of DynDNS, experts believe that DDOS is a bitcoin network suffered the largest in the history of network attack.
The future of IoT botnet propagation
The botnet was discovered in August 2016, the white hat security research group Malwaremustdie said that the future will run in the Linux version of network equipment obsolete into remote control “robot” or “zombie”, for DDoS attacks.
IBM security service management senior threat researcher DaveMcmillen said: “the future development of the botnet mainly serves two main purposes. The first is the recognition and compromise of the IoT equipment used to extend the Botnet, followed by the predefined target execution DDoS attack.
In January, the study found that a kind of communication through Windows botnet future robot variants. Kabasiji lab’s global research team wrote:
The Windows robot is not just what happened, so it in WindowsBOT for future expansion method is very limited, it only provides future robots from the Windows host to the Linux host function, unless it can be successfully connected to the remote telnet.”
Nevertheless, Kabasiji laboratory data show that as of February this year, has 500 unique system attacks. Kabasiji, chairman of the laboratory security researcher Kurt Baumgartner (KurtBaumgartner) said:
In the Linux platform and Windows communication between the future appears to be a real concern […] a Windows botnet propagation IoT let the future robot to every corner of the future spread to new equipment and available network, spread to cannot be used before to operators, but this the effect of this botnet is just the beginning.”
Mcmillen wrote: last week, IBMX-Force found “ELFLinux/Mirai” a new variants of malicious software, it has a new change: the built-in bitcoin mining component, and began to attack the bitcoin miners in March 20th. The malware in March 25th soared, but the activity subsided in eight days after the start “. The future botnet activity rule is unknown.
“We don’t have any evidence of why this attack is short, but to see such a short life cycle of movement is very common.” Mcmillen told Eweek publications.
In addition, the bitcoin client not embedded into the future of the malware itself. On the contrary, bitcoin miners are the future of the dropper, the back door of the Dofloo, Linux shell, is also part of the slave file bitcoin miners, “explained the publication. Although the attacker is unclear, but Mcmillen confirmed in a publication: “most attacks may come from the Asia Pacific region, because of the language interface that may be derived from the sources of Chinese attacks do.”
Mcmillen also said: “we have no opinion on these attacks is really a bitcoin mining.”
He pointed out that the ability to identify new variants of the need to do more work, he wrote: it is possible that when the robots of the future idle and wait for further instructions, can use them into the mining model.
Mcmillen pointed out: “to solve the IoT botnet phenomenon must require all stakeholders to take measures to protect the equipment. He said: “if the weapons equipment networking DDoS malicious botnet is the latest trends, then transformed it into bitcoin miners may be around the corner,” he concluded.