Security and denial-of-service prevention firm, Prolexic, has released a report showing its findings for the use of smartphone applications as distributed denial-of-service (DoS, or DDoS) delivery mechanisms.
Prolexic says that 2013 saw continued growth of the tactic whereby malicious software writers create botnets by creating smartphone applications that turn users’ phones into DDoS drones. With more and more users adopting smartphones, nefarious types have started embedding their botnet code within apps for the devices. Prolexic says that the last quarter of 2013 saw a 26% increase in total DDoS attacks compared to the same period in 2012.
“Malicious actors now carry a powerful attack tool in the palm of their hands, which requires minimal skill to use. Because it is so easy for mobile device users to opt-in to DDoS attack campaigns, we expect to see a considerable increase in the use of these attack tools in 2014,” says Stuart Scholly, president of Prolexic.
A denial-of-service attack is when a large number of computers – usually those that form part of a botnet – all attempt to connect to a target computer at the same time, continuously. The constant influx of traffic eventually means that the target computer succumbs, thus becoming unavailable to those who need to connect to it.
Prolexic’s response team, which monitors traffic for its global client base, detected the use of a tool called AnDOSid, an Android-based tool that enables one type of DDoS attack. The company also warns that other existing DDoS tools and mechanisms could be ported to the Android platform with ease. With Google reporting 1-billion Android activations as of September last year, that’s a potential one billion Android devices that could be loaded with this software. Even if just one percent of that total gets infected with a DDoS app, that’s 10-million phones for an attacker to control.
It is also a problem for the end users who unwittingly download and install the applications. Leaving them installed and running means that they become available for attackers to use in their DDoS attacks, which means massive data bills for every phone that’s used in an attack. This also presents a problem for cellular networks, which will take strain when thousands of devices start operating at maximum bandwidth at the same time.