Home > Interesting > Chamois – The big botnet you didn’t hear about

Chamois – The big botnet you didn’t hear about

SINGAPORE—The Android security team announcing that it had eradicated the Chamois malware family from Google Play in March 2017, turned out to be Android’s “Mission Accomplished” moment. Version 3 of Chamois surfaced in January 2018, more sophisticated and virulent than previous versions, followed by version 4 a few months later.

Apps containing code associated with the Chamois malware family first surfaced on Google Play in August 2016, followed by version 2 in November 2016. At its peak, in March 2018, Chamois had infected 20.8 million devices, Android security engineer Maddie Stone said at the Kaspersky Security Analyst Summit. Infected devices were commandeered into a botnet, and received instructions from a remote command-and-control server.

The Android team has successfully chipped away at that number in the year since, and in March, there were fewer than 2 million infections.

Chamois was “the biggest botnet you’d never heard of,” Stone said.

Early versions of Chamois masqueraded as benign apps and tricked users into downloading the apps on to their devices, but Google Play’s scanning tools became more efficient and effective at recognizing and blocking Chamois. Later versions of Chamois switched tactics and tricked app developers and device manufacturers into incorporating the code directly into their apps, making it possible for these tainted apps to appear on Google Play, Stone said.

https://duo.com/decipher/chamois-the-big-botnet-you-didnt-hear-about

Advertisements
Categories: Interesting Tags: ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: