There is a process of leases ending, and bots rejoining the network.
Almost 1.6 million Android TVs around the world have been roped in by a novel Vo1d malware botnet variant.
According to BleepingComputer, the campaign was initially discovered in November. Researchers from XLab attributed the surge to Vo1d's leasing of its botnet infrastructure.
"Once the lease period ends, the bots rejoin the Vo1d network. This reintegration leads to a rapid spike in infection counts as the bots become active again under Vo1d's control," said researchers.
More than half of the impacted devices remain active, while Brazil, South Africa, Indonesia, Argentina, Thailand, and China account for most of the infections this month. India was also observed to have its bots spike from 3,900 to 217,000 in only three days.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
