IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS

An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution.

Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing). Other IoT botnets have been used as proxies to offer online anonymity.

Linux.ProxyM never had DDoS capabilities and was built instead to function as a giant mesh of proxy servers running on smart devices. The botnet first surfaced in February 2017, reaching a size of nearly 10,000 bots by June. The botnet has halved in size since then but this positive development is offset by the addition of new features.

Dr.Web, the Russian antivirus firm that first identified Linux.ProxyM, warns the botnet is now engaged in email spam campaigns. According to Dr.Web’s statistics, a device infected with Linux.ProxyM sends on average about 400 emails per day. Campaigns so far have promoted adult hookup sites.

Read more…

Source: The Register