'

DIY botnet kit spotted in the wild

Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

Security researchers from GData, have spotted a DIY (do it yourself) botnet kit, available for sale at selected underground communities.

The DIY kit goes for sale at €10, and allows easy creation of botnets.

Some of its features include:

  • Possibility to carry out DDoS attacks
  • SOCKS; bot owner can use victim’s pc as proxy
  • Firefox password stealer; stealing passwords saved in Firefox database
  • Remote execution of any file
  • Pidgin password stealer; stealing passwords from the instant messenger Pidgin
  • jDownloader password stealer; stealing passwords from a downloader of one-click hoster

The bot builder doesn't have any propagation modules, making it a relatively low profile underground release, as it cannot spread.

Over the past few years, we've been witnessing the migration from DIY tools to web malware exploitation kits as a means for infection and propagating. DIY botnet creation kits with no spreading modules, aren't the real danger, the real danger comes from DIY botnet kits in a combination with web malware exploitation kits, since they cover both the infection and the dissemination vectors.