Overview

At the beginning of 2019, the domestic and overseas security vendors have detected cryptominers that spread via Android devices with an open ADB debug port. Recently, NSFOCUS Fu Ying Labs has detected once more such botnets that can be used to launch distributed denial-of-service (DDoS) attacks. The sample analysis suggests that this botnet family (named Darks) is another variant of the Mirai botnet, whose scanning behavior is highly similar to the mining sample discovered in early 2019. The mining sample is created for the mining purpose, while this sample is intended for DDoS. We suspect that the emergence of this sample possibly has something to do with the depression of the virtual currency industry. (mais…)