IRC/HTTP based DDoS bot nukes other bots
Posted on 03.05.2013
Online underground markets seem to offer anything and everything a budding cyber criminal might need.

Compromised online accounts? They've got them. Malicious domain registering service? Here you go. Steam information harvesting tool? Yep. And that's just a small part of what you can find for sale.

Lately, DDoS attacks have stopped being just a protest tool for hacktivists, and have become a way for cyber crooks to disrupt Bitcoin exchanges, target anti-spam organizations, the gambling websites, and so on.

Naturally, malware developers are trying to meet a rise in demand for DDoS botnet-creating tools and DDoS-as-a-Service schemes.

Webroot's Dancho Danchev has been monitoring the situation, and has noted that a particular IRC/HTTP based DDoS bot has been on offer since late 2012, and has been constantly developed and improved.



"From its initial IRC-based version, the bot has evolved into a HTTP-based one, supporting 10 different DDoS attack techniques as well as possessing a featuring allowing it to heuristically and proactively remove competing malware on the affected hosts, such as, for instance, ZeuS, Citadel or SpyEye," he shares.

The author claims the bot is "perfect for infecting Windows machines", and "features some of the best, most advanced DDoS tactics available on the market that will take down webservers, gaming servers, teamspeak/VoIP servers, home connections, etc with ease."

Priced at $100 for the IRC version and at $300 for the HTTP one, the offer is a bargain. Still, cyber criminals being what they are, they ultimately cracked the software and made it available to the members of these markets for free.

"What weíve got here is yet another example of a technically flawed licensing model for malicious software, allowing fellow cybercriminals to undermine the vendorís entire business model. Whether competing vendors of malware/crimeware releases targeted by this bot will take action or not, will entirely depend on the market share that it succeeds in securing, once again, thanks to its affordable price," says Danchev.

I would venture to guess that these competing vendors were behind the cracking.









Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //