Tag Archives: Botnet

16-28 February 2014 Cyber Attacks Timeline

Here is the list of the main Cyber Attacks happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a sensible decrease both in number and in size in comparison with the previous months.

read more

Even Botnets Go on Holidays!

The attack model based on botnet-generated Distributed Denials of Service is opportunistic. The botmaster selects a target, gathers as many resources as possible among his army of zombie machines, and when he realizes to have achieved enough firepower, simply selects a target and pushes the attack button. After this the target is inevitably flooded by packets generated by the bots, while the unaware owners of the zombie machines perform their normal work or fun activities with their infected computers.... Read More

Value Added Distributors of Botnets

Cyber Crime, and in particular botmasters, never cease to amaze. If you were (not so much) surprised in discovering the compromised supply chain behind the Nitol Botnet (that allowed Chinese manufacturers to sell compromised computers pre-installed with the botnet), you’d better have a look at the ZeroAccess Botnet, which has recently been analyzed by Sophos.... Read More

The Botnet Factory

Probably there’s something more in the Next Step Of Botnets besides BlackHole 2.0 and Tor C&C mentioned in my previous post. I mentioned the takedown of the Nitol Botnet by Microsoft as one of the most important infosec events of the last week, but I forgot to mention one important aspect related to this event: the malware supply chain.... Read More

The Next Step of Botnets

[caption id="attachment_8073" align="alignright" width="275"] A BlackHole (Exploit Kit) absorbing an Onion (Ring), the future of Botnets?[/caption]

This information security week has offered many interesting points: the brand new CRIME attack against SSL/TLS, the release of BlackHole Exploit Kit 2.0 that promises new stealth vectors of Drive-By download infections, the takedown of the emerging Nitol botnet by Microsoft, and, last but not least, the first (?) known example of a new generation of a C&C Server leveraging the anonymization granted by Tor Service.... Read More