AndroidBauts

Posted: October 11, 2019

AndroidBauts Description

AndroidBauts is a large-scale Android botnet designed with the sole purpose of delivering advertisements to its victims. At its peak, the botnet contained over 550,000 devices, and its operators were able to collect software and hardware information about each of their victim, and then assign advertisements to them either automatically or manually. The AndroidBauts Botnet appears to be most active in India and Indonesia, but a large number of infected devices were detected in Malaysia, Vietnam, Russia, Argentina and other regions.

AndroidBauts Concentrates Its Activity in Russia

Allegedly, a large number of infections were achieved by hosting bogus applications on the Google Play Store. The attackers used four separate application packages to distribute their threatening application – all of those have been erased from the Google Play Store, but they may still be running on devices around the world. Although AndroidBauts functions as adware, it carries out some potentially harmful tasks that help the attackers gain more information about the infected device. AndroidBauts collects:

  • IMEI, IMEI2, IMSI, and IMSI2.
  • Processor manufacturer, model, number of cores and frequency.
  • Root status.
  • Android version.
  • MAC Address.
  • Telephone numbers 1 & 2 (if it is a dual-SIM phone).
  • Phone storage size and memory card storage size (if available).

AndroidBauts Ccn Display Advertisements and Receive Remote Commands

When the AndroidBauts adware is planted, its operator can send remote commands that are to be executed on the compromised device. In addition to receiving commands, the device also can transmit information to the attacker's server. This utility can be used to check if the device is online, request new advertisements, check ad status and update device information (e.g., if a new SIM card is inserted).

While the AndroidBauts Botnet is being used to deliver advertisements at the moment, it is possible for its operators to make it serve a far more devious purpose – to deliver malevolent files, collect information, and more. It is recommended to keep your devices protected from threats like AndroidBauts by using a reputable anti-virus product, as well as by being more careful about the apps and files you download to your phone or tablet.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to AndroidBauts may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.