New Android "RAT" infects Google Play apps, turning phones into spyware zombies

post #1 of 171
Thread Starter 
An easy to use new "Remote Administration Tool" malware package for Android offers to infect users, steal their photos and text messages, secretly capture audio or video, record their calls, download their web browser history and steal their email, Facebook and VPN account information.

Android RAT Dendroid


The practice of selling such a malware package targeting Android is so common it has a pet name among security researchers: an "Android RAT," for Remote Administration Tool.

However, the latest RAT is raising eyebrows in the security community because of its low cost (just $300 for unlimited use, paid for via untraceable currencies such as Bitcoin) and its ability to sneak past Google's automated malware scanner in the Google Play app market, where legitimate appearing, RAT-infected apps can hide out undetected.

Dendroid infects Google Play, gnaws at user data



Known as Dendroid, the new Android RAT package is being sold as an "APK Binder," which can take any original or stolen Android app and incorporate its own malware as a Trojan payload. After distributing the infected app, Dendroid's RAT customers can monitor the spread of their infection via web based tools.

RAT infected Android devices can be remotely zombified by the perpetrator, allowing virtually unlimited access to photos, data and messages on the device. The Dendroid RAT provides full access to infected devices' camera and microphone, and can place calls or listen in on a user's phone conversations or text messages.

Android spy tool Dendroid


Distributing Dendroid is easy because, as a report by security firm Lookout stated, "it looks as if Dendroid was designed with evading Play Store security in mind."

The firm noted that, "Amongst its numerous features, Dendroid features some relatively simple -- yet unusual -- anti-emulation detection code that helps it evade detection by Bouncer, Google's anti-malware screening system for the play store."

Google's Bouncer scans for malware by emulating submitted apps to review their functionality for telltale, illegal behaviors. Dendroid-infected Android apps are designed to be smart enough to avoid executing their malware code while being run in emulation by Google's Bouncer scanning process.

Malware is Android's primary exclusive app



Most malware is incentivized by commercial activity, often by presenting ads or spreading spyware that can harvest valuable marketing data. In addition to these, Dendroid also offers to earn its keep as a tool for generating massive Denial of Service attacks across the population of its infected devices.

A report by Lucian Constantin for IT World cited Bogdan Botezatu, a senior e-threat analyst at Bitdefender, as saying that "Dendroid is a much improved remote access tool that is definitely aimed for commercial purposes," adding that "Although it roughly does the same as Androrat [an older Android RAT], it appears to be much more stable and allows cybercriminal groups to better manage the pool of mobile bots."

Constantin noted that "Android malware has pretty much followed in the footsteps of Windows malware," again citing Botezatu as stating that "Cybercrime is all about making easy money with minimum of effort. Creating a piece of malware that is stable, tested and does not crash the host device requires a lot of work and skill."

How to avoid Dendroid



Android users can adopt the same protections that Windows PC users did during the malware crisis that plagued Microsoft's platform ten years ago. That includes not installing apps from untrusted sources and installing third party malware scanner tools.

Over the past ten years however, a significant portion of Windows users have simply switched from the wide open, malware saturated Windows platform to Apple's Macs and iOS devices. Macs never became a significant malware target, an advantage Apple advertised and worked to preserve.

When it introduced iOS in 2007, Apple incorporated a new security model that attempted to destroy the low hanging fruit supporting the malware market on previous mobile devices.

Apple stated that it "designed the iOS platform with security at its core," detailing that, "when we set out to create the best possible mobile OS, we drew from decades of experience to build an entirely new architecture. We thought about the security hazards of the desktop environment, and established a new approach to security in the design of iOS. We developed and incorporated innovative features that tighten mobile security and protect the entire system by default. As a result, iOS is a major leap forward in OS security."

Apple has since brought many of these protections to its desktop Mac platform, from signed apps to a secure app market and regular free software updates that target and solve vulnerabilities faster than malware authors can build a business around them.

In stark contrast, Google simply recreated Microsoft's malware-harboring platform among mobile devices via Android, allowing third party developers to release "open" apps that can obtain inappropriate access to user content and data.



Google maintains no accountability for the devices that ship with Android, and most devices ship with outdated versions with known security vulnerabilities. Most of these will never receive security updates.
post #2 of 171
yikes
"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #3 of 171

Any stats on infection rates and geographic locations of those most at risk?  No?  I wonder why that could be.

post #4 of 171

The denial of service capabilities available to the RATs can affect anyone regardless of which platform they use. With the possibilities of millions or even billions of infected Android devices, no one is immune from their DDOS attacks.

Life is too short to drink bad coffee.

post #5 of 171
An app that at least appeared to have Dendroid code actually made it into Google Play. It was caught before it had been downloaded more than 50 times according to ARS. There's attacks coming at us from all directions anymore.
http://arstechnica.com/security/2014/03/malware-designed-to-take-over-cameras-and-record-audio-enters-google-play/
melior diabolus quem scies
post #6 of 171
Troubling indeed.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
post #7 of 171
Quote:
Originally Posted by AppleInsider View Post


Google maintains no accountability for the devices that ship with Android... Most of these will never receive security updates.

The article was actually pretty informative, at least until it strayed into misinformation at the very end. Every Google Android device with 2.3 and above (that's pretty much all of them) have received security updates even if the OS itself is still an older version. Security and feature updates can come directly from Google via Play Services and have.
melior diabolus quem scies
post #8 of 171
Quote:
Originally Posted by Gatorguy View Post

 There's attacks coming at us from all directions anymore.

Right because there are so many directions that Android apps can take to deliver malware. It is nice that Google Play caught one app but what about all the other ways to download apps for Android? In the old days they would post a link to see Britney nude, now just substitute Taylor Swift or whomever and download away.

Life is too short to drink bad coffee.

post #9 of 171
Quote:
Originally Posted by Gatorguy View Post

Every Google Android device with 2.3 and above (that's pretty much all of them) have received security updates even if the OS itself is still an older version..

Spin doctoring. What do security updates for older phones have to do with this type of app that bypasses every security protocol in place for even newer phones?

Life is too short to drink bad coffee.

post #10 of 171
Quote:
Originally Posted by mstone View Post
 
Quote:
Originally Posted by Gatorguy View Post

 There's attacks coming at us from all directions anymore.

Right because there are so many directions that Android apps can take to deliver malware. It is nice that Google Play caught one app but what about all the other ways to download apps for Android? In the old days they would post a link to see Britney nude, now just substitute Taylor Swift or whomever and download away.

comes with the territory of having the highest market share unfortunately.  When there is a will, there is a way.  

 

Not sure that sticking your head in the ground and being skeptical of validity of this story is a productive move. Therefore, I am glad Google has acknowledged there is a challenge because they are the #1 target, and hopefully for the sake of their users they will step up the effort, even if it means being less "open".

 

Just hope it's not too late to get the horse back into the barn.


Edited by snova - 3/7/14 at 4:34pm
"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #11 of 171
Quote:
Originally Posted by snova View Post
 
 Therefore, I am glad Google has acknowledged there is a challenge because they are the #1 target, and hopefully for the sake of their users they will step up the effort, even if it means being less "open".

Toothpaste cannot be put back in the tube. Google unleashed Android on the world and they can't recall it.

Life is too short to drink bad coffee.

post #12 of 171
RAT has got to be the best acronym for malware.

Quote:
Originally Posted by Gatorguy View Post

Every Google Android device with 2.3 and above (that's pretty much all of them) have received security updates even if the OS itself is still an older version. Security and feature updates can come directly from Google via Play Services and have.

Sure, they have gotten some security updates with the lateral move Google implemented, which is good, but does that mean that all the holes that are in version 2.3 are now closed as if they were running 4.4? And why have the different versions if the actual OS version doesn't mean anything? And what about the different API versions? 2.3 "Gingerbread" is API Level 10 while 4.4 "Kit Kat" is API Level 19. Those have to mean something otherwise why have them at all?

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

post #13 of 171
Quote:
Originally Posted by mstone View Post

Toothpaste cannot be put back in the tube.

This sounds like a job for Mythbusters.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

post #14 of 171
Quote:
Originally Posted by Gatorguy View Post

Quote:
Originally Posted by AppleInsider View Post

Google maintains no accountability for the devices that ship with Android... Most of these will never receive security updates.

The article was actually pretty informative, at least until it strayed into misinformation at the very end. Every Google Android device with 2.3 and above (that's pretty much all of them) have received security updates even if the OS itself is still an older version. Security and feature updates can come directly from Google via Play Services and have.

 

Android 2.3 has known vulnerabilities that Google is never going to patch. That, and every security and networking company of record on the subject has echoed what Juniper says (a pic even included in the story for you): majority of Android users are unpatched. 

 

It’s not in Google’s interest, nor that of the carrier or hardware maker, to create and distribute updates. All they want to do is ship volumes as broadly as possible, just like the PC makers who presided over the Windows Malware Era. 

 

Google turned back the clock after iOS and promised a new world of exciting openness. It was wrong. Android’s "Open" has been a total failure across the platform. 

post #15 of 171
Quote:
Originally Posted by mstone View Post

The denial of service capabilities available to the RATs can affect anyone regardless of which platform they use. With the possibilities of millions or even billions of infected Android devices, no one is immune from their DDOS attacks.

How could these denial of service attacks be fended off?
"...The calm is on the water and part of us would linger by the shore, For ships are safe in harbor, but that's not what ships are for."
- Michael Lille -
post #16 of 171
Quote:
Originally Posted by mstone View Post

Spin doctoring. What do security updates for older phones have to do with this type of app that bypasses every security protocol in place for even newer phones?

Obviously you cover the stuff you can but no consumer OS can catch everything. RAT malware evades Mac defenses too IIRC. Wasn't there some email infection going around disguised as FedEx or DHL notices a couple months back? I received a couple of those myself but was smart enough to delete them. You can be sure that some folks didn't.

Still doesn't make the last paragraph of the article true in any event. It isn't. Google has rolled out security updates to essentially ALL Google Android devices whether the manufacturer made an OS update available or not.
melior diabolus quem scies
post #17 of 171
Quote:
Originally Posted by DroidFTW View Post
 

Any stats on infection rates and geographic locations of those most at risk?  No?  I wonder why that could be.

 

In whose interest would that be? That’s as dumb as saying President Reagan ignored AIDS for years so it probably wasn’t a real problem.

post #18 of 171
Quote:
Originally Posted by SolipsismX View Post
 
This sounds like a job for Mythbusters.

You know Mythbusters actually used one of our products in their show. They called us up to ask permission. The show wasn't about our product, just that they used it to debunk something else.

Life is too short to drink bad coffee.

post #19 of 171
Quote:
Originally Posted by Gatorguy View Post
 
 Google has rolled out security updates to essentially ALL Google Android devices whether the manufacturer made an OS update available or not.

Push or hunt and seek?

Life is too short to drink bad coffee.

post #20 of 171

post #21 of 171

Get ready for some Android Apologist knee-jerk reactions:

 

1. But most Android users don't even know about Google Play, so they're safe.  Oh wait...

2. But it only affects the latest 4.4 KitKat release, and almost nobody has that yet.  Oh wait...

3. So yeah, the RAT affects other releases.  It proves that fragmentation isn't really all *that* bad. Oh wait...

4. But most Android devices are Chinese no-name knockoffs that don't connect to Google Play anyway.  Oh wait...

5. But lots of Android devices are Kindle Fires, which are running a non-Google Play fork of Android.  Oh wait...

6. But 99% of all mobile malware is on Android already, so what's one more little bad app?  Oh wait...

7. etc.

Sent from my iPhone Simulator

post #22 of 171
Quote:
Originally Posted by mstone View Post
 
Quote:
Originally Posted by snova View Post
 
 Therefore, I am glad Google has acknowledged there is a challenge because they are the #1 target, and hopefully for the sake of their users they will step up the effort, even if it means being less "open".

Toothpaste cannot be put back in the tube. Google unleashed Android on the world and they can't recall it.

you can put toothpaste back into the tube, it just isn't pretty or very productive. It's cheaper and less hassle to buy a new tube.   Not sure what this means for Google, but at least we have the toothpaste myth covered. ;-)

"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #23 of 171
Quote:
Originally Posted by SolipsismX View Post

RAT has got to be the best acronym for malware.

Sure, they have gotten some security updates with the lateral move Google implemented, which is good, but does that mean that all the holes that are in version 2.3 are now closed as if they were running 4.4? And why have the different versions if the actual OS version doesn't mean anything? And what about the different API versions? 2.3 "Gingerbread" is API Level 10 while 4.4 "Kit Kat" is API Level 19. Those have to mean something otherwise why have them at all?

 

Yes. That's exactly how it works.

This is truly an embarrassing article. It was on the Play store for a day and Google immediately remotely uninstalled it from any devices that had downloaded it (less than 50 BTW).

It's insanely easy to avoid malware in Android. Don't use 3rd party app stores. The only reason this is even an issue is because of China. Google refuses to comply with Chinese government censorship requirements (as they rightfully should, unlike Apple) so they can't distribute the Google Play app store in China, thus the reason 3rd party app stores with malicious apps exist.

Even if you install a malicious app from a 3rd party app store, you have to select continue after a pop-up notification warns you that the app you're trying to install was scanned and shown to contain malicious code.

post #24 of 171
Quote:
Originally Posted by NexusPhan View Post
 

It's insanely easy to avoid malware in Android. 

this is a great quote juxtaposed against the classic Steve Jobs' quote. 

"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #25 of 171
Quote:
Originally Posted by Corrections View Post

Android 2.3 has known vulnerabilities that Google is never going to patch. That, and every security and networking company of record on the subject has echoed what Juniper says (a pic even included in the story for you): majority of Android users are unpatched.

You claimed "Most of these will never receive security updates" which is easily proven false. Granted there may be some vulnerabilities that go unpatched (do you have any example) but that's not at all the same as going overboard with "No security updates for you" scareware. Google has demonstrated its commitment to protecting its users while still allowing a high degree of customizing. I think they've done pretty well finding a middle ground that fills most of its buyers' needs while avoiding a hard lockdown of the ecosystem. Android was never intended to be an OS controlled from top to bottom by a single manufacturer.
melior diabolus quem scies
post #26 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
How could these denial of service attacks be fended off?

DDOS usually attacks web servers. We have been affected on several occasions when we were in a shared colo-datacenter. We had a gamer company on the same firewall/router that we were on. When some hackers went after the gamer company we got DDOS too. We used to have our own mini datacenter but we opted for the big data center bandwidth and security. As it turns out we had to abandon that program because of DDOS on our neighbors. We brought everything in-house again. A lot more expensive but no attacks for the last year or two. Neighborhood is an accurate analogy. Difference between living in the city and out in the suburbs.

 

When a data center gets attacked with DDOS they bring in the Cisco security team and try to identify the packet signature and set up an edge router rule to drop the request. This usually takes a couple hours. Once they have identified the packet they notify the upstream providers and start blocking it at the major peering points. Takes a long time and the damage is usually done by the time they get a handle on it.

Life is too short to drink bad coffee.
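The signature step described in the post above, as an added example that is not part of the original thread: a Python sketch that looks for a byte string common to the flood but absent from known-good traffic, then measures what a drop rule on it would catch. The packets, host name and function names are constructed for illustration.

```python
from collections import Counter

# Constructed known-good requests (assumption: a small baseline of normal traffic).
LEGIT = [
    b"GET /index.html HTTP/1.1\r\nHost: shop.example\r\nUser-Agent: Mozilla/5.0\r\n\r\n",
    b"GET /cart HTTP/1.1\r\nHost: shop.example\r\nUser-Agent: Mozilla/5.0\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: shop.example\r\nContent-Length: 27\r\n\r\n",
]

# Constructed flood: the URL varies per packet, one padding header is shared.
FLOOD = [b"GET /?r=%d HTTP/1.0\r\nX-Pad: QQQQQQQQQQQQ\r\n\r\n" % i for i in range(200)]


def ngrams(payload: bytes, n: int) -> set:
    """All distinct n-byte substrings of one payload."""
    return {payload[i:i + n] for i in range(len(payload) - n + 1)}


def find_signature(capture, baseline, n=8, min_cover=0.8):
    """Pick an n-byte string seen in at least min_cover of the captured
    payloads and in none of the baseline payloads.
    Returns None when the flood cannot be told apart from normal traffic."""
    if not capture:
        return None
    seen_in = Counter()
    for payload in capture:
        seen_in.update(ngrams(payload, n))   # counts payloads, not occurrences
    known_good = set()
    for payload in baseline:
        known_good |= ngrams(payload, n)
    candidates = [(count, gram) for gram, count in seen_in.items()
                  if count / len(capture) >= min_cover and gram not in known_good]
    if not candidates:
        return None
    # Highest coverage wins; ties are broken by byte order so the result is stable.
    return max(candidates)[1]


def should_drop(payload: bytes, signature) -> bool:
    """The edge rule: drop a packet whose payload contains the signature."""
    return signature is not None and signature in payload


def rule_stats(signature, flood, legit):
    """Fraction of flood packets dropped, fraction of legitimate packets dropped."""
    dropped = sum(should_drop(p, signature) for p in flood) / len(flood)
    collateral = sum(should_drop(p, signature) for p in legit) / len(legit)
    return dropped, collateral


if __name__ == "__main__":
    # Capture taken during the flood: attack packets mixed with normal ones.
    sig = find_signature(FLOOD + LEGIT, LEGIT)
    print("signature:", sig, "stats:", rule_stats(sig, FLOOD, LEGIT))
    # A flood that replays an ordinary request leaves nothing to match on.
    replay = [LEGIT[0]] * 200
    print("replay flood signature:", find_signature(replay + LEGIT, LEGIT))
```

A rule like this only protects what sits behind the device applying it; traffic that has already crossed the upstream link still consumes that link's bandwidth.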

post #27 of 171
Quote:
Originally Posted by NexusPhan View Post

Yes. That's exactly how it works.
This is truly an embarrassing article. It was on the Play store for a day and Google immediately remotely uninstalled it from any devices that had downloaded it (less than 50 BTW).
It's insanely easy to avoid malware in Android. Don't use 3rd party app stores. The only reason this is even an issue is because of China. Google refuses to comply with Chinese government censorship requirements (as they rightfully should, unlike Apple) so they can't distribute the Google Play app store in China, thus the reason 3rd party app stores with malicious apps exist.
Even if you install a malicious app from a 3rd party app store, you have to select continue after a pop-up notification warns you that the app you're trying to install was scanned and shown to contain malicious code.

Just to be crystal clear, you're claiming that when they do these lateral updates via Google Play it also then updates the kernels and every bit of code for the Android OS so that it is no longer v2.3 but instead v4.4 in every way except name.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

post #28 of 171
Quote:
Originally Posted by Corrections View Post

Android 2.3 has known vulnerabilities that Google is never going to patch. That, and every security and networking company of record on the subject has echoed what Juniper says (a pic even included in the story for you): majority of Android users are unpatched. 

It’s not in Google’s interest, nor that of the carrier or hardware maker, to create and distribute updates. All they want to do is ship volumes as broadly as possible, just like the PC makers who presided over the Windows Malware Era. 

Google turned back the clock after iOS and promised a new world of exciting openness. It was wrong. Android’s "Open" has been a total failure across the platform. 

Such a penchant for melodrama. The world didn't end with the malware magnet that was Windows XP, and it surely isn't going to end now.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
post #29 of 171
Quote:
Originally Posted by Gatorguy View Post
 
Quote:
Originally Posted by Corrections View Post

Android 2.3 has known vulnerabilities that Google is never going to patch. That, and every security and networking company of record on the subject has echoed what Juniper says (a pic even included in the story for you): majority of Android users are unpatched.

You claimed "Most of these will never receive security updates" which is easily proven false. Granted there may be some vulnerabilities that go unpatched (do you have any example) but that's not at all the same as going overboard with "No security updates for you" scareware. Google has demonstrated its commitment to protecting its users while still allowing a high degree of customizing. I think they've done pretty well finding a middle ground that fills most of its buyers' needs while avoiding a hard lockdown of the ecosystem. Android was never intended to be an OS controlled from top to bottom by a single manufacturer.

to be fair. most != none != some.   I guess we would have to quantify "most" as a percentage of Android marketshare. 

"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #30 of 171
Quote:
Originally Posted by mstone View Post

You know Mythbusters actually used one of our products in their show. They called us up to ask permission. The show wasn't about our product, just that they used it to debunk something else.

Which episode was this? I want to see if I can figure it out.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

post #31 of 171
Heh—be funny if it were called DEDroid. ;)
“I wasted time, and now doth time waste me.”
post #32 of 171
Quote:
Originally Posted by mstone View Post

Quote:
Originally Posted by Dick Applebaum View Post

 
DDOS usually attacks web servers. We have been affected on several occasions when we were in a shared colo-datacenter. We had a gamer company on the same firewall/router that we were on. When some hackers went after the gamer company we got DDOS too. We used to have our own mini datacenter but we opted for the big data center bandwidth and security. As it turns out we had to abandon that program because of DDOS on our neighbors. We brought everything in-house again. A lot more expensive but no attacks for the last year or two. Neighborhood is an accurate analogy. Difference between living in the city and out in the suburbs.

When a data center gets attacked with DDOS they bring in the Cisco security team and try to identify the packet signature and set up an edge router rule to drop the request. This usually takes a couple hours. Once they have identified the packet they notify the upstream providers and start blocking it at the major peering points. Takes a long time and the damage is usually done by the time they get a handle on it.

Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?
"...The calm is on the water and part of us would linger by the shore, For ships are safe in harbor, but that's not what ships are for."
- Michael Lille -
post #33 of 171
Quote:
Originally Posted by snova View Post

to be fair. most != none != some.   I guess we would have to quantify "most" as a percentage of Android marketshare. 

Nearly all Android devices in use are 2.3 and newer, I think Google says something less than 1% are on anything older. The very latest Google Android security improvement, VerifyApps in the background, is available to every one of them on 2.3 and above.
melior diabolus quem scies
post #34 of 171
Quote:
Originally Posted by SolipsismX View Post
 
Which episode was this? I want to see if I can figure it out.

I'll ask. I never watched it. I was told by my administrative assistant that the upper management approved it.

Life is too short to drink bad coffee.

post #35 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?

I suppose but the routers are what is being overwhelmed and they don't really look at the port 80 header attributes. It is more of a byte/hex signature they can look for. But perhaps they can look deeper. The problem is that they don't want to look deeper because they are already being overwhelmed.

Life is too short to drink bad coffee.

post #36 of 171
Quote:
Originally Posted by Dick Applebaum View Post

Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?

Unfortunately, you can't prevent bandwidth usage if it requires no flow control.   They just clog up your pipe bandwidth and there is little you can do about it. Block it all you want to the final destination (if your router can handle the load), but the fact of the matter is quality of service of passing good packets into the network will be unusable.


Edited by snova - 3/7/14 at 5:16pm
"Building for the future?! They should be running around reacting to the present!" -John Moltz
post #37 of 171
Quote:
Originally Posted by snova View Post

Quote:
Originally Posted by Dick Applebaum View Post

Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?
Unfortunately, you can't prevent bandwidth usage if it requires no flow control.   They just clog up your pipe bandwidth and there is little you can do about it. Block it all you want to the final destination (if your router can handle the load), but the fact of the matter is quality of service of passing good packets into the network will be unusable.

Can this be addressed statistically – by the various hops along the path to the destination server?
"...The calm is on the water and part of us would linger by the shore, For ships are safe in harbor, but that's not what ships are for."
- Michael Lille -
post #38 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
Can this be addressed statistically – by the various hops along the path router?

No. The first "D" in DDOS means distributed. It is coming from everywhere.

Life is too short to drink bad coffee.

post #39 of 171
Quote:
Originally Posted by mstone View Post

Quote:
Originally Posted by Dick Applebaum View Post

 
No. The first "D" in DDOS means distributed. It is coming from everywhere.

Is DDOS or DOS against the law?
"...The calm is on the water and part of us would linger by the shore, For ships are safe in harbor, but that's not what ships are for."
- Michael Lille -
post #40 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
Quote:
Originally Posted by snova View Post
 
Quote:
Originally Posted by Dick Applebaum View Post

Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?
Unfortunately, you can't prevent bandwidth usage if it requires no flow control.   They just clog up your pipe bandwidth and there is little you can do about it. Block it all you want to the final destination (if your router can handle the load), but the fact of the matter is quality of service of passing good packets into the network will be unusable.

Can this be addressed statistically – by the various hops along the path to the destination server?

Technically yes, however in practice upstream ISPs won't take care of this for you on your behalf. They won't alter their upstream filters to protect you downstream.  It's your problem. 

"Building for the future?! They should be running around reacting to the present!" -John Moltz