Two botnets are fighting over control of thousands of unsecured Android devices

[silversurfer]

Two botnet gangs are fighting to take control over as many unsecured Android devices as they can to use their resources and mine cryptocurrency behind owners' backs.

The turf war between these two botnets --one named Fbot and the other named Trinity-- has been going on for at least a month if we're to combine the various clues from reports published by different cyber-security firms.

Both are in direct competition and are going after the same targets, namely Android devices on which vendors or owners have left the diagnostics port exposed online. This port is 5555, and it hosts a standard Android feature called the Android Debug Bridge (ADB). All Android devices support it but most come with it disabled. But while ADB is disabled on hundreds of millions of devices, there are tens of thousands where this feature has been left enabled, either by accident during the device's assembly and testing process or by the user after he used the ADB to debug or customize his phone.

Source: https://www.zdnet.com/article/two-botnet...d-devices/