Satori/Mirai, detected attacking public available ADB shells 


A new botnet attack is detected on android devices that are using Android Debug Bridge.

The botnet itself is geared toward cryptocurrency mining, specifically targeting Android devices with ADB enabled. 

Android, by default does not have ADB turned on. 

Base on security analyzes it is discovered that mostly the android devices vulnerable are the ones that are routed (configured and working with administrator privileges).

Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allows the attacker to access the device and its connection.



In order to avoid such problems Telekom Albania advice the customers to run their devices in non-root mode and to control the status of the Antivirus Client installed in their devices.  


Click here for the Albanian version