It's like a fairy godmother, except that instead of taking you to the ball, it fixes up your computer before it disappears.


If you're unfortunate enough to visit a malicious page or click the wrong thing in a phishing email, you might catch a botnet — malware that hijacks your computer in order to perform a nefarious deed, like attacking a site, spreading a virus, or mining cryptocurrency.

But now, network security firm Netlab 360 says it's identified a guardian angel botnet which, instead of harming your computer, looks for a specific malware infection and cures it before politely deleting itself.


We don't know who created the malware, which Netlab 360 engineer Hui Wang dubbed "Fbot." But it seems to have just one mission: get rid of one specific kind of malware.

Fbot first infects computers that leave a specific port vulnerable to attack. Then it searches its new hosts for a piece of malware called com.ufo.miner, which uses infected computers to mine the cryptocurrency Monero — and eradicates it.

"[S]o far," Wang wrote in the blog post, "the only purpose of this botnet looks to be just going after and removing another botnet."


It's not clear, CoinDesk pointed out, whether Fbot is the creation of an anonymous do-gooder or a rival hacker.

But it does provide a glimpse of an intriguing future in which autonomous agents roam the web like bounty hunters.

READ MORE: Fbot, A Satori Related Botnet Using Block-chain DNS System [Netlab 360]

More on botnets: Researchers Inadvertently Discover Crypto Scam Involving 15,000 Twitter Bots

Share This Article