Hide 'N Seek IoT Botnet Now Targets Android Devices

[silversurfer]

Bitdefender now says that newly identified samples of the malware target the Android Debug Bridge (ADB) over Wi-Fi feature to infect devices.

Normally used for troubleshooting and supposedly disabled by default, ADB was found enabled on commercially available Android devices, exposing them to attacks on TCP port 5555. The issue resides with vendors neglecting to disable ADB when shipping devices.

“Any remote connection to the device is performed unauthenticated and allows for shell access, practically enabling attackers to perform any task in administrator mode,” Bitdefender Senior Cybersecurity Analyst Liviu Arsene points out.

Source: https://www.securityweek.com/hide-n-seek...id-devices