Posts Tagged: botnet


New DIY HTTP-based botnet tool spotted in the wild

What are cybercrime-facilitating programmers up to when they’re not busy fulfilling custom orders? Releasing DIY (do-it-yourself) user-friendly tools allowing anyone an easy entry into the world of cybercrime, and securing their revenue streams thanks to the active advertisements of these tools across closed cybercrime-friendly Web communities. In this post, I’ll profile a recently advertised DIY HTTP-based botnet tool that allows virtually anyone to operate their own botnet. More details:

USPS ‘Postal Notification’ themed emails lead to malware

Cybercriminals are currently mass mailing millions of emails impersonating The United States Postal Service (USPS), in an attempt to trick its customers into downloading and executing the malicious .zip archive linked in the bogus emails. Upon execution, the malware opens a backdoor on the affected host, allowing the cybercriminals behind the campaign to gain complete control over the host. More details:

A peek inside the Cythosia v2 DDoS Bot

by Dancho Danchev

With DDoS extortion and DDoS for hire attacks proliferating, next to the ever decreasing price for renting a botnet, it shouldn’t come as a surprise that cybercriminals are constantly experimenting with new DDoS tools. In this post, I’ll profile a newly released DDoS bot, namely v2 of the Cythosia DDoS bot.

A peek inside the PickPocket Botnet

by Dancho Danchev

Malicious attackers quickly adapt to emerging trends, and therefore constantly produce new malicious releases. One of these recently released underground tools is the PickPocket Botnet, a web-based command and control interface for controlling a botnet. Let’s review its core features, and find out just how easy it is to purchase it within the cybercrime ecosystem.

Black Hat Redux: Botnet Takedown Mistakes to Avoid

I’ve worked in the security industry for nearly five years, and it was apparent early on that the most successful people in this field bring to their work a passion and a commitment to protecting not only one’s customers, but to providing a certain level of information about security threats to the world at large, so even your non-customers can help or protect themselves. It can be hard to know where to stop once you get on a roll. Malware infections frequently lead to unexplored, interesting backwaters on the Internet. And, sometimes, those backwaters are where the criminals run those operations. […]

New Tool Released: Kiss (or Kick) ZeroAccess Goodbye

There are few types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight infectious code, and its transformation from nuisance to severe threat. With the hard work and perseverance of Threat Research Analyst and master reverse-engineer Marco Giuliani, we’re proud to release the latest build of a tool we’ve used internally to clean the infections from the notable ZeroAccess rootkit off of victims’ computers. AntiZeroAccess exploits many of the vulnerabilities that Marco discovered in the rootkit to cleanly remove the rootkit code […]

Botnet malware targets MyYearbook

The team here at Webroot has picked up on a Trojan that appears to target a relatively new social networking site: MyYearbook.com. The site caters to the high-school-age crowd with activities that include various kinds of person-to-person challenges, streaming TV, and a kind of virtual matchmaker service for the tween-and-above set. We’re calling the malware that targets the site Trojan-Myblot. We received our copy via a malicious BitTorrent download, which purportedly distributed a Windows utility. Instead, we received a file that downloaded several payloads, eventually landing our infected system firmly in the clutches of Myblot. So what does it do? The trojan, […]
