VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

New xlabs_v1 botnet exploits ADB on port 5555 to recruit IoT for DDoS attacks

Новый ботнет xlabs_v1 эксплуатирует ADB на порту 5555, чтобы вербовать IoT для DDoS-атак

Colleagues, please note a new cybersecurity threat.

Hunt.io has identified a Mirai-like botnet, xlabs_v1, targeting devices with open Android Debug Bridge (TCP/5555) to recruit Android TV, set-top boxes, smart TVs and routers.

- Offers 21 flood types (TCP, UDP, RakNet, OpenVPN-like) and is sold as DDoS-for-hire, targeting game servers.
- Uses bandwidth profiles for device billing; lacks persistence—re-infection required.
- Includes a "killer" module to evict competitors and consolidate traffic.

Why it matters: consumer IoT and small game hosts are at elevated risk.

Remediation: close ADB (port 5555), update devices, apply network filters and DDoS protection.

How do you protect game and IoT hosts in your infrastructure?

#cybersecurity #IoT #DDoS #infosec

Latest comments

No comments yet.