Matryosh Botnet
Owners of Android devices are at risk of being targeted by the new and growing Matryosh Botnet. This campaign appears to target Android devices exclusively. It relies on a single infection vector: accessing the Android Debug Bridge (ADB) interface on devices that have it enabled by default. Most smart device vendors disable this feature before the product is shipped to clients, but, surprisingly, a large number of devices still have the service enabled. An unsecured ADB service can easily be compromised by an attacker and then abused to install software without the user's approval.
When the Matryosh Botnet is deployed, it immediately registers the device with the master command-and-control server and then awaits further instructions. Surprisingly, the authors of the Matryosh Botnet are not using it to mine cryptocurrency; instead, Matryosh is designed to execute Distributed Denial-of-Service (DDoS) attacks.
Cybersecurity experts note strong similarities between the modus operandi of the Matryosh Botnet and that of the relatively old LeetHozer Botnet. This suggests that the same group of cybercriminals may be involved in the development of this new malware strain. Android users can stay safe by installing a reputable anti-malware app and by making sure that the Android Debug Bridge service is turned off.
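One way to verify the ADB advice above on a device you own, connected by USB. This is an added example, not part of the original article; it assumes the standard Android setting `adb_enabled` and the properties `service.adb.tcp.port` and `persist.adb.tcp.port`, none of which the article names.

```shell
#!/bin/sh
# Added example (not from the original article): report whether ADB on an
# Android device you own is off, reachable over USB only, or listening on TCP.

# classify_adb ADB_ENABLED SERVICE_PORT PERSIST_PORT -> off | usb-only | network
# Conservative assumption: any positive TCP port counts as "network" even when
# adb_enabled is 0, because vendor builds may start adbd regardless.
classify_adb() {
    for port in "$2" "$3"; do
        case $port in
            ''|*[!0-9]*) ;;                 # unset, "-1" or junk: no TCP listener
            *) if [ "$port" -gt 0 ]; then echo network; return 0; fi ;;
        esac
    done
    if [ "$1" = 1 ]; then echo usb-only; else echo off; fi
}

# audit_device [SERIAL]: read the three values over adb and print a verdict.
audit_device() {
    if [ -n "${1:-}" ]; then target="-s $1"; else target="-d"; fi
    # $target is left unquoted on purpose so "-s SERIAL" splits into two words.
    enabled=$(adb $target shell settings get global adb_enabled | tr -d '\r')
    svc=$(adb $target shell getprop service.adb.tcp.port | tr -d '\r')
    persist=$(adb $target shell getprop persist.adb.tcp.port | tr -d '\r')
    verdict=$(classify_adb "$enabled" "$svc" "$persist")
    echo "adb_enabled=$enabled service.adb.tcp.port=$svc persist.adb.tcp.port=$persist -> $verdict"
    case $verdict in
        network)  echo "fix: run 'adb usb', clear the TCP port properties, then turn USB debugging off" ;;
        usb-only) echo "fix: turn USB debugging off in Developer options when it is not in use" ;;
    esac
}

# Run as: ./adb_audit.sh --audit [SERIAL]   (the script name is hypothetical)
if [ "${1:-}" = "--audit" ]; then
    audit_device "${2:-}"
fi
```

A verdict of `network` means the debug interface is reachable by anything that can route to the device, which is the exposure the article describes.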