Pink botnet infected over 1.5 million devices
The Netlab Qihoo 360 research team reports that it has discovered the “largest botnet” in the past six years – Pink malware has already infected more than 1.6 million devices, mostly located in China (96%).
These bots are used by botnet operators for DDoS attacks and injecting ads on HTTP sites. It is reported that at least 100 DDoS attacks have been carried out by the botnet to date.
According to experts, Pink has been active since November 2019. The malware mainly attacks MIPS routers and uses various third-party services, including GitHub, as well as P2P and centralized C&C servers to connect bots with operators and transfer commands.
Pink also uses DNS-Over-HTTPS to connect to the server specified in the configuration file, which is either delivered via GitHub or Baidu Tieba (sometimes the domain name is completely hardcoded).
Let me remind you that we also talked about the fact that the Chinese authorities have arrested the authors of the Mozi botnet.