
Pareto Botnet

A massive botnet spanning close to a million infected Android devices has been unearthed by security researchers. According to their findings, instead of leveraging the Pareto botnet to perform DDoS attacks, the hackers employed the compromised devices to conduct an ad-fraud operation.

The Pareto botnet employed dozens of corrupted Android mobile applications to impersonate over 6000 connected TV (CTV) applications, resulting in an average of 650 million fake ad requests per day. The choice of targets is deliberate, as advertisements on connected TVs are priced significantly higher than their counterparts on mobile devices or the Web. The threatening applications pretended to be consumer TV streaming products running on several of the most prominent CTV platforms, such as Roku OS, Fire OS, tvOS and more.

The Command-and-Control (C2, C&C) server of the operation was also involved in another identical campaign that targeted Roku. A set of 36 applications on Roku's Channel Store received instructions from the C2 server. They acted similarly to the Android Pareto applications by spoofing smart TV and consumer streaming products.

