New Botnet Hides in Blockchain DNS Mist and Removes Cryptominer
Credit:
Bleeping Computer
A new botnet captured the attention of security researchers through its harmless behavior and the use of an original communication channel with its command and control server.
Fbot is a peculiar variant of Mirai that preserves the original DDoS module but does not appear to use it. This is not the oddest thing yet because its purpose at the moment is to search for devices infected with a cryptomining malware and clean them.
Security researchers from Qihoo's 360Netlab discovered the new strain and noticed that it hunted down a botnet malware called 'com.ufo.miner,' a known variant of ADB.Miner that mines for Monero on Android devices (smartphones, smart TVs, set-top boxes).