Categories: NewsSecurity

DressCode Android Botnet Remains Active 16 Months After Its Discovery

Botnets have proven to be a major pain in the rear for both security researchers and consumers. DressCode, one of the oldest Android botnets in existence, is still operational 16 months after it was initially discovered. This is a very real problem, as the malware opens a direct connection to infected phones. It is unclear why this solution still thrives in 2018, especially considering that most of the infected Google Play apps were removed over a year ago.

DressCode Botnet is Still a Problem

In the world of internet security, there are still plenty of things which need to change sooner rather than later. One of the main priorities is finding a way to eliminate botnets once and for all. The concept of a botnet

is nothing new, as a large number of enslaved computers have become gateways for criminal activity ever since the Internet gained mainstream traction. Most victims don’t even know they are part of a botnet, let alone what they can do about it.

Android users may recall a botnet known as DressCode. It was first discovered back in 2016. At that time, the botnet mainly infected Android phones with a listening port which could be used to steal sensitive information. The malware was mainly distributed through Google Play apps, and over 400 such applications were promptly removed. One would expect that to have been the final straw for the DressCode botnet, but the reality is very different, unfortunately.

Indeed, recent evidence shows the DressCode botnet is still active in 2018. In fact, it seems to have grown in popularity and scale, which is extremely worrying. A total of four million Android devices may have become part of this growing botnet, mainly smartphones. It is certainly possible that Android tablets are also a part of this network, although we will need further research before drawing any conclusions on this front.

Related Post

DressCode’s method of attack hasn’t changed in those 16 months either. The malware still creates open ports on infected devices, creating a direct connection between the attackers and their victims. As a result, the assailants can infiltrate home and company networks to steal sensitive information. Additionally, this is not a vulnerability which only the developers of DressCode can take advantage of. The unencrypted interface used to connect to infected Android devices can be used by anyone else who knows where to look.

While some people may think their firewall will be able to halt such infiltration attempts, that is not the case. That’s because the DressCode botnet bypasses any and all firewalls found in home and SMB routers alike. Once the connection between the server and a victim is open, anyone with control over the server can tunnel through the mobile device. It is unclear what the full consequences of such connections may be, but rest assured hackers will do their best to wreak as much havoc as possible.

For the time being, it is unclear how DressCode is being used exactly or who is making use of it these days. Knowing that this botnet is still active and growing in size since its initial discovery is by far one of the biggest security scares of 2018. It seems impossible to take down this botnet altogether, as the central server and two of its public APIs are still active. Whether or not that situation will change remains to be determined. We can only hope security researchers can put an end to DressCode sooner rather than later.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Cheems Surge On BSC Network: A Rising Star With Growing Market Value

The Cheems token on the Binance Smart Chain (BSC) is gaining significant momentum, surging by…

7 hours ago

Lester Token Crashes 40% Following Official Announcement

The value of $LESTER plummeted by 40% in the past 24 hours, leaving its market…

7 hours ago

From $30K To Millions: The Wild Journey Of $Quant And Xiaohaige’s Memecoin Stunts

In a bizarre turn of events, a young live-streamer known as Xiaohaige created the memecoin…

7 hours ago

Whale “convexcuck.eth” Makes Bold $CVX Move, Nets Significant Profit Amid Price Surge

The crypto whale known as "convexcuck.eth" has made waves in the DeFi world, spending $2…

8 hours ago

$ELIZA Token Launch Marred By Insider Trading Allegations

The launch of $ELIZA, a token introduced by Andreessen Horowitz (a16z) partner @shawmakesmagic, has sparked…

8 hours ago

Cardano’s Rally Highlights Diverging Moves Among Investors

Cardano ($ADA) has been making waves in the crypto market, breaking away from the altcoin…

8 hours ago