AndroidBauts is a large-scale Android botnet designed with the sole purpose of delivering advertisements to its victims. At its peak, the botnet contained over 550,000 devices, and its operators were able to collect software and hardware information about each of their victim, and then assign advertisements to them either automatically or manually. The AndroidBauts Botnet appears to be most active in India and Indonesia, but a large number of infected devices were detected in Malaysia, Vietnam, Russia, Argentina and other regions.
AndroidBauts Concentrates Its Activity in Russia
Allegedly, a large number of infections were achieved by hosting bogus applications on the Google Play Store. The attackers used four separate application packages to distribute their threatening application – all of those have been erased from the Google Play Store, but they may still be running on devices around the world. Although AndroidBauts functions as adware, it carries out some potentially harmful tasks that help the attackers gain more information about the infected device. AndroidBauts collects:
- IMEI, IMEI2, IMSI, and IMSI2.
- Processor manufacturer, model, number of cores and frequency.
- Root status.
- Android version.
- MAC Address.
- Telephone numbers 1 & 2 (if it is a dual-SIM phone).
- Phone storage size and memory card storage size (if available).
AndroidBauts Ccn Display Advertisements and Receive Remote Commands
When the AndroidBauts adware is planted, its operator can send remote commands that are to be executed on the compromised device. In addition to receiving commands, the device also can transmit information to the attacker's server. This utility can be used to check if the device is online, request new advertisements, check ad status and update device information (e.g., if a new SIM card is inserted).
While the AndroidBauts Botnet is being used to deliver advertisements at the moment, it is possible for its operators to make it serve a far more devious purpose – to deliver malevolent files, collect information, and more. It is recommended to keep your devices protected from threats like AndroidBauts by using a reputable anti-virus product, as well as by being more careful about the apps and files you download to your phone or tablet.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to AndroidBauts may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.