Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

DIY botnet kit spotted in the wild

By Dancho Danchev | September 22, 2011, 6:51am PDT

Summary: Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

The DIY kit goes for sale at €10, and allows easy creation of botnets.

Some of its features include:

Possibility to carry out DDoS attacks
SOCKS; bot owner can use victim’s pc as proxy
Firefox password stealer; stealing passwords saved in Firefox database
Remote execution of any file
Pidgin password stealer; stealing passwords from the instant messenger Pidgin
jDownloader password stealer; stealing passwords from a downloader of one-click hoster

The bot builder doesn’t have any propagation modules, making it a relatively low profile underground release, as it cannot spread.

Over the past few years, we’ve been witnessing the migration from DIY tools to web malware exploitation kits as a means for infection and propagating. DIY botnet creation kits with no spreading modules, aren’t the real danger, the real danger comes from DIY botnet kits in a combination with web malware exploitation kits, since they cover both the infection and the dissemination vectors.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Adobe to rush out Flash Player patch to thwart zero-day attacks

Adobe adding security, privacy goodies to Flash Player 11

Topics

Kit, Wild, Security, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Full Bio
Disclosure
Contact

Vendor HotSpot

The 360° Conversation around Cloud Computing

TECH VISUALIZER brings the social conversation to life... powered by Brocade

Learn More »

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

Ask a Question Start a Discussion

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

Just In

RE: DIY botnet kit spotted in the wild

cybr2th@... 24th Sep

So, basically I will have plenty of job security removing this crap. YESSSSS! I MEAN, ummmm...thats terrible.

View in thread

Please Select
Please Select

0 Votes

+ -

Dancho, Dancho, pricing PLEASE! (kidding)

Dietrich T. Schmitz * Your Linux Advocate 22nd Sep

Find 'em and hang 'em high.
Creeps.

Reply
Flag

0 Votes

+ -

RE: DIY botnet kit spotted in the wild

alexdan2 22nd Sep

@Dietrich T. Schmitz * Your Linux Advocate Get six pack Abs

I???m busy and can???t spend 60 minutes a day with exercises.
Truth About Six Pack Abs does not require this.
30-45 minutes workouts 2-3 times a week should do the trick

go here : goo . gl /YR85Z

Reply
Flagged

0 Votes

+ -

RE: DIY botnet kit spotted in the wild

Parassassin 22nd Sep

These tool kits have been around forever, maybe the actual name of the BOT should have been removed as I found the download on two fairly low level "security sites" with relative ease because I knew the name.

Reply
Flag

0 Votes

+ -

I am sure if it was a more dangerous ....

kd5auq 22nd Sep

@Parassassin
... self propagating variety even the name would have been blanked out.
This one looks like it is more trouble to use than what it is worth.