No one can deny there has been a notable increase in cryptocurrency-related malware over the past few years. Nipping these threats in the bud has been a major challenge, although researchers have launched an intriguing tool. Known as Fbot, this botnet uses blockchain-based DNS discovery to shut down malicious crypto mining botnets.
The Fbot Botnet Explained
One often has to fight fire with fire, in the world of nefarious computer threats. Botnets have always been a very troublesome trend in this regard. These collections of enslaved and infected computers and other devices can wreak havoc on a global scale with little effort. Especially in the world of cryptocurrency mining, botnets are a very big problem to date.
Monero, one of the more popular alternative cryptocurrencies, has seen its fair share of issues with botnets over the years. Although botnets can help decentralize the mining aspect as well, they also create a revenue stream for criminals. Combined with the recent threat of malicious cryptocurrency mining malware distribution, it is evident something needs to be done to ensure these threats do not get out of hand too much.
Fbot may prove to be a valuable ally, even in the world of crypto mining malware. It is a venture which was set up over a month ago, and primarily tries to put an end to existing the ADB.Miner malware. Because of this botnet, all of those threats can be put to an end fairly quickly, because its core payload will overwrite existing mining malware and self-destruct later on.
There are two other interesting concepts to Fbot which make it very unique. Rather than relying on traditional DNS to communicate with a command-and-control server, it utilizes a blockchain-based DNS system instead. This allows it to resolve the non-standard designation of these C&C servers, making it a lot more versatile in this particular regard.
Last but not least, the Fbot botnet is linked closely to the Satori botnet. That latter name might ring a bell for some, although that does not have to be a bad thing by any means. Some parts of Fbot are also based on Mirai, one of the more destructive malware-spreading botnets which have come to the surface over the past few years. That can make Fbot also very powerful in terms of overwriting existing mining malware moving forward.
Because of this particular botnet, the world of malicious cryptocurrency mining may look very different in a few months today. Even though cryptojacking is still a growing industry, it might just take efforts like these to effectively counter those problems. For now, it remains to be seen how successful Fbot can be, albeit it is a very interesting approach to eliminating existing malicious botnets.