The cyber security industry has a new front to defend. Hackers are migrating their malicious techniques and technology to mobile platforms, and businesses, organizations and users are already feeling the impact.
Android: The New DDoS Launchpad
A new Android app is causing the mass distribution of DDoS malware. This DDoS tool uses a Low Orbit Impact Cannon (LOIC) to send TCP/UDP packets to a URL of the hacker’s choosing.
Originally, LOIC was an attack launched from desktops. But a hacker took the open-source LOIC and converted it into an Android app that has sent the security industry reeling. Current mobile infrastructures are vulnerable to hacking and cyber hijacking—the standard security measures of desktop networks and operating systems are rarely seen on mobile devices.
The Problem of Super Proxies
DDoS attacks sent from mobile devices present a difficult challenge for mitigation; malicious data packets sent from mobile devices travel in “Super Proxies,” or secure servers channeling data from countless other mobile devices.
Data traveling in Super Proxies is notoriously difficult to separate and filter. Simply installing a piece of hardware that can stop traffic from specific IPs is not enough; this will cause the server to group bad traffic with that of legitimate users. When users can’t get through to the server, the DDoS hacker has succeeded in ‘denying service.’
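The collateral-damage problem described above can be measured on a small request log. The following is an added example, not code from the original article: the log is constructed, the addresses come from documentation ranges, and `client_id` is a hypothetical stand-in for whatever per-client signal a site has available (a session cookie or header fingerprint, for instance).

```python
from collections import Counter

# Constructed sample data. PROXY_IP plays the shared "Super Proxy" address.
PROXY_IP = "198.51.100.10"
DIRECT_IP = "203.0.113.7"

def build_sample():
    """Return (source_ip, client_id) pairs for one observation window."""
    reqs = []
    # Three flooding devices behind the proxy, 200 requests each.
    for bot in ("bot-a", "bot-b", "bot-c"):
        reqs += [(PROXY_IP, bot)] * 200
    # Forty legitimate mobile users behind the same proxy, 5 requests each.
    for n in range(40):
        reqs += [(PROXY_IP, f"user-{n}")] * 5
    # One legitimate user who reaches the server directly.
    reqs += [(DIRECT_IP, "user-direct")] * 5
    return reqs

def block_by_ip(reqs, threshold):
    """IPs whose request count in the window exceeds the threshold."""
    per_ip = Counter(ip for ip, _ in reqs)
    return {ip for ip, n in per_ip.items() if n > threshold}

def block_by_client(reqs, threshold):
    """(ip, client_id) pairs whose request count exceeds the threshold."""
    per_client = Counter(reqs)
    return {key for key, n in per_client.items() if n > threshold}

def collateral(reqs, blocked_ips=frozenset(), blocked_clients=frozenset()):
    """Return (legitimate clients denied, flooding clients denied).

    Ground truth comes from the constructed labels: ids starting with
    "user-" are legitimate, everything else is a flooding device.
    """
    clients = set(reqs)
    denied = {c for c in clients if c[0] in blocked_ips or c in blocked_clients}
    legit = {c for c in denied if c[1].startswith("user-")}
    return len(legit), len(denied - legit)

if __name__ == "__main__":
    reqs = build_sample()
    ips = block_by_ip(reqs, threshold=100)
    print("IP block:", ips, collateral(reqs, blocked_ips=ips))
    keys = block_by_client(reqs, threshold=100)
    print("Per-client block:", collateral(reqs, blocked_clients=keys))
```

Blocking the proxy address stops the three flooding devices but also denies all forty legitimate users behind it, while the per-client key denies only the flooders. A per-client key only helps when the signal is hard for the flooding clients to forge or rotate.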
Mobile DDoS and Android.DDoS.1.origin
The cyber-security community is trying to take lessons from a dangerous mobile DDoS event in 2012.
Most substantial DDoS events require a ‘botnet’ or ‘zombie’ army to carry out the attack, and Android.DDoS.1 was no different. It began when a hacker disguised malware in a fake Google Play application. Users downloaded the bogus software onto their devices, giving the hacker remote command of the mobile’s computing power.
After amassing a significant botnet army, the hacker sent commands via SMS (didn’t the hacker know about WhatsApp?) to the DDoS viruses. These instructions included the target’s server address and a script to repeat. Once confirmed, the mobile devices also sent out spam text messages to the victim’s contact list, likely to spread the virus.
With thousands of these infected mobile devices operating in unison, their requests generated a powerful DDoS force capable of overwhelming even large target servers. One mobile device sending bad requests does little, but an army can do some serious damage.
Even experienced users who are wary of the typical trappings of PC-based malware may not be aware of the new dangers on mobile. Expect to see hackers getting more creative as the vulnerabilities in mobile networking are exposed.
Handling the New Wave of Mobile DDoS
Organizations and businesses trying to stay ahead of the DDoS mobile evolution are entrusting their security measures to experienced third-party protection services, whose robust networks are equipped to handle TCP and UDP attacks, among all other major attack methods in the security landscape.