Is karma finally hitting back at crypto miners who, for their own gain, design malware that negatively affects honest and hardworking individual’s productivity by illegally utilizing computational power that isn’t theirs?
The number of cryptocurrency botnets able to unsuspectingly infiltrate almost any device on the World Wide Web has increased dramatically. These bots go undetected for months while utilizing the processing power of PCs, TV boxes, smart TVs, smartphones, tablets, laptops, and other devices connected to the net in order to mine digital currencies, like Monero.
Yet, in a new twist of fate that pertains to this ongoing saga, it seems that there is a new kid on the block, which is a ‘vigilante’ crypto bot that may exceed your first impression of it.
Instead of making hackers rich, Fbot does exactly the opposite. The bot will reportedly search for malware and subsequently destroy it in a bid to take down selfish and unscrupulous crypto hackers. More specifically, the newly discovered botnet will track down devices with Port TCP 5555 open and look for com.ufo.miner scripts, which are a deviant of the original ADB.Miner malware.
If detected, Fbot will begin mounting its own over-the-top anti-malware program. Once installed, it goes to work removing the unwanted cryptocurrency mining malware from the host. It finishes the job by uninstalling itself leaving no trace of its visit, which is most likely the reason why we are only just hearing about this bot from Qihoo 360 Netlab; an investigative networks security company that lays claim to the recent discovery of Fbot.
The Designer of Fbot is Still Unknown
In another twist to this story, whoever designed the heroic Fbot has not made him or herself known. It seems no one wants to take credit for a job well done. There have been attempts to track down the creator, but these attempts have only led to a website that cannot be accessed using the web’s traditional Domain Naming Systems (DNS). There is a good reason for this it seems.
The domain in question can only be accessed using Emercoin’s decentralized EmerDNS. The way Emercoin has designed this service means that there is no way the domain can be suspended or revoked, which is a feature that appeals to many decentralists. Not only can domains remain untouched, but the sites featured on Emercoin-backed domains cannot be altered by anyone but the recorded owner who holds the domain’s private key. Whoever designed the Fbot has made sure it is a permanent fixture.
This may or may not be good news. It is great because finally there is a bot out there that is on the side of honest, down-to-earth crypto enthusiasts. Conversely, it may just be another group of miners that are trying to eradicate the competition’s bots for their own ulterior motives.
Is Fbot’s Creator a Hero or Villian?
In most cases, if someone has designed a bot that is alleviating the internet of malicious scripts, then surely it is a chance to make a name for themselves. If not, then there are only two possible reasons why the person or group behind Fbot have opted to remain anonymous.
- Fbot is hitting hackers that use malware hard, resulting in the loss of millions in illegally-obtained crypto. To avoid repercussions the designer(s) have remained quiet and are just happy to help.
- Fbot is clearing the way for a new breed of botnet that could create its own devastation in the future.
There does appear to be a strong correlation to the Satori botnet that terrorized Huawei and Realtek SDK devices. Satori was coded from the infamous Mirai IoT botnet that wreaked havoc on millions of devices. There is a good chance that Fbot is just the beginning of a more advanced malware script about to hit devices on the net.
All said and done, we can only but hope that this is just the kind gesture of a lone programmer or team that wants to hit back at and rid the net of unethical crypto miners.