Botnet to Destroy Mining Malware

New strange botnet is called Fbot and is discovered by security researchers Qihoo 360Netlab team
19 September 2018   649

Specialists in the field of cyber security have discovered a new botnet, which instead of malicious actions searches and destroys hidden mining malware. This is reported by CoinDesk.

Botnet called Fbot is a variation of the Satori, which in turn is based on the Mirai program. The latter is often used for DDoS attacks. However, in the case of Fbot, the module for DDoS attacks is deactivated and replaced by the device search function with the software installed for hidden mining.

The new botnet was investigated in detail by the Qihoo 360Netlab team. As noted in their blog, Fbot is looking for a malicious program called com.ufo.miner, which is a variation of the Monero miner called ADB.Miner. The latter is aimed at devices under the Android operating system.

The program is distributed through open ports, and then deletes com.ufo.miner if it finds it. Fbot is programmed to scan the network, spread over it, install over malicious software, and then self-destruct.

It is noteworthy that the botnet uses a decentralized alternative to EmerDNS instead of the standard Domain Name System (DNS). Because of this, the address is harder to track and close.

The choice of Fbot using EmerDNS other than traditional DNS is pretty interesting, it raised the bar for security researcher to find and track the botnet (security systems will fail if they only look for traditional DNS names).
 

Qihoo 360 Netlab Researchers

It is not yet clear whether Fbot was created with good intentions, or to eliminate competitors in the market.

According to Trend Micro researchers, during the first half of 2017, the number of cases of unauthorized cryptomoney detection increased by 956%.

Bitmain to File IPO Application

The application was sent to Hong Kong Stock Exchange (HKEX)
27 September 2018   396

The largest mining company Bitmain has submitted to the Hong Kong Stock Exchange (HKEX) listing application for an initial public offering (IPO), according to CoinDesk.

The application is a draft option, and some of its details, in particular the number of shares offered for sale and the immediate date of the IPO, are still in the process of editing.

Nevertheless, the document indicates that last year Bitmain's revenue was $ 2,517,719,000. This figure is higher than in 2016 ($ 277,612,000). As of June 30, 2018, the company's revenue was $ 2,845,467,000.

The application said that in 2017 the gross profit of the company was $ 1 212.7 million, which is also higher than in 2016 ($ 151,351,000).

Earlier, the head of Bitmain, Jihan Wu, expressed his indignation over the actions of the company's chief financial officer, who disclosed the figures for the first quarter 60 days after his end, and not after 90, as he had expected.

The media suggested that in the run-up to the IPO the publication of such information could have a negative effect on the company's investment attractiveness.

In addition, the document confirmed the media's information that Bitmain owns a 3% stake in Opera's Internet browser thanks to an investment of $ 50 million.

The application also indicates that the underwriters of the IPO are China International Capital Corporation Hong Kong Securities Limited, Commerce and Finance Law Offices, Maples and Calder LLP, KPMG and Frost & Sulliva