DIY botnet kit spotted in the wild

Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

The DIY kit goes for sale at €10, and allows easy creation of botnets.

Some of its features include:

  • Possibility to carry out DDoS attacks
  • SOCKS; bot owner can use victim’s pc as proxy
  • Firefox password stealer; stealing passwords saved in Firefox database
  • Remote execution of any file
  • Pidgin password stealer; stealing passwords from the instant messenger Pidgin
  • jDownloader password stealer; stealing passwords from a downloader of one-click hoster

The bot builder doesn't have any propagation modules, making it a relatively low profile underground release, as it cannot spread.

Over the past few years, we've been witnessing the migration from DIY tools to web malware exploitation kits as a means for infection and propagating. DIY botnet creation kits with no spreading modules, aren't the real danger, the real danger comes from DIY botnet kits in a combination with web malware exploitation kits, since they cover both the infection and the dissemination vectors.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All