Dubbed InterPlanetary Storm, the malware has been active since May 2019, but its new variant targets both macOS and Android-based devices.
Yesterday, we saw a threat group named APT-C-23 introducing a new Android variant of their malware. Turns out, they’re not the only ones being innovative.
In the latest development, a research report from Barracuda reveals that a previously known malware named InterPlanetary Storm, active since May 2019, now has a new variant that targets both macOS and Android-based devices, a step beyond its earlier focus on only Windows and Linux-based devices.
As for the malware's scope, its goal is to build a huge botnet, and it targets user machines globally in about 84 countries, predominantly in Asia. In fact, 59% of the 13,500 infected machines are in only 3 countries: Hong Kong, South Korea, and Taiwan.
The rest are spread out across the world. The malware currently focuses on IoT devices, which can later be used for nefarious purposes such as crypto-mining, distributed denial of service (DDoS) attacks, and other activities that rely on a large number of machines.
Examples of infected devices include televisions on the Android side and “routers with ill-configured SSH service” on the Linux side.
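For defenders of the Linux devices described here, an added example (not from the Barracuda report or the original article): a Python check over OpenSSH `sshd` log lines that flags source addresses with repeated failed password attempts and marks those where a password login was then accepted. The log lines, the threshold, and the function name `analyze` are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH syslog format (documentation-range addresses).
SAMPLE_LOG = """\
Oct  1 03:12:01 router sshd[411]: Failed password for root from 203.0.113.7 port 40112 ssh2
Oct  1 03:12:03 router sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
Oct  1 03:12:05 router sshd[412]: Failed password for root from 203.0.113.7 port 40120 ssh2
Oct  1 03:12:08 router sshd[413]: Failed password for invalid user ubnt from 203.0.113.7 port 40131 ssh2
Oct  1 03:12:11 router sshd[414]: Accepted password for root from 203.0.113.7 port 40140 ssh2
Oct  1 08:30:44 router sshd[502]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Oct  1 08:30:52 router sshd[502]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
Oct  1 09:01:10 router sshd[530]: Failed password for invalid user pi from 192.0.2.55 port 33001 ssh2
Oct  1 09:01:12 router sshd[531]: Failed password for invalid user test from 192.0.2.55 port 33002 ssh2
Oct  1 09:01:14 router sshd[532]: Failed password for root from 192.0.2.55 port 33003 ssh2
"""

# Matches the two sshd messages of interest; "invalid user" appears for unknown accounts.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def analyze(log_text, min_failures=3):
    """Return {ip: {"failures", "users", "compromised"}} for sources at or above the threshold."""
    stats = defaultdict(lambda: {"failures": 0, "users": set(), "compromised": False})
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        s = stats[m["ip"]]
        if m["result"] == "Failed":
            s["failures"] += 1
            s["users"].add(m["user"])
        elif s["failures"] >= min_failures:
            # A password login accepted after a run of failures: treat the host as breached.
            s["compromised"] = True
    return {ip: s for ip, s in stats.items() if s["failures"] >= min_failures}

if __name__ == "__main__":
    for ip, s in analyze(SAMPLE_LOG).items():
        verdict = "LOGIN SUCCEEDED AFTER GUESSING" if s["compromised"] else "guessing only"
        print(f"{ip}: {s['failures']} failures, users={sorted(s['users'])}, {verdict}")
```

A single mistyped password followed by a successful login, as with the constructed `alice` entries, stays below the threshold and is not reported.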
It works by attacking machines through brute-forcing SSH servers (just like malware found targeting Android devices globally