Qihoo & Baidu disrupt malware botnet with hundreds of thousands of victims

May 27, 2020

Because Chinese users usually hang out in their own corner of the internet, behind the Great Firewall, we tend to forget that they are also targeted by malware on a daily basis, albeit by different malware than the strains that target everyone else.

Over the past three years, the DoubleGuns trojan has emerged to take the crown as one of China’s largest malware botnets.

In an interview with ZDNet earlier today, Chinese antivirus vendor Qihoo 360 said DoubleGuns is found exclusively in China and is believed to have infected hundreds of thousands of Chinese users at the time of writing, with millions of historical infections over the past years.

What is DoubleGuns

DoubleGuns is a malware trojan that targets Windows devices. The malware has been operating since July 2017 when Qihoo researchers spotted the first samples distributed in the wild.

Across the past three years, the DoubleGuns trojan has changed very little, despite growing in scale. To this day, the malware is still primarily distributed via booby-trapped apps shared on Chinese websites, with most being pirated games made available on Chinese social networks and gaming forums.

Its primary purpose is still to infect users with MBR and VBR bootkits, install various malicious drivers, and then steal credentials from local apps, with a focus on Steam accounts.

In addition, DoubleGuns also acts as an adware and spamming module. It inserts ads on user devices, and it also hijacks QQ accounts to spread ads to the victim’s friends via private messages.

Furthermore, older versions of the DoubleGuns malware were also spotted hijacking traffic from legitimate e-commerce portals, redirecting infected users to clone sites; however, this behavior appears to have been dropped in recent versions.

As mentioned above, the trojan targets Chinese users exclusively, and this is very clear when analyzing the malware’s source code, which includes functions to disable security software, most of which are Chinese antivirus products.

Qihoo and Baidu temporarily disrupt DoubleGuns

In a blog post last week, Qihoo 360 says it recently teamed up with fellow Chinese tech giant Baidu to disrupt the botnet’s operations, which have grown too large to be ignored.

Qihoo says that since May 14, they’ve been working with Baidu in a joint operation to take down some of the botnet’s backend infrastructure, most of which has been using Baidu’s Tieba image hosting service.

Image: Qihoo 360 Netlab

According to Qihoo, for the past three years, DoubleGuns has been downloading images from the Tieba service. The images contained secret code (hidden inside the image using a technique known as steganography) that provided DoubleGuns bots with instructions on what operations to perform on the infected hosts.

Qihoo and Baidu say that for the past two weeks, they’ve been taking down images used by DoubleGuns and logging connections from infected hosts, which is how they found out about the botnet’s massive size, currently estimated at “hundreds of thousands” of infected computers.

The disruption is considered temporary, as other parts of the botnet’s infrastructure are still running, and the botnet’s operators are still at large.

Credit: ZDNet
