TRiAD Botnet III. Remote administration of multi-platform zombies
TRIAD is a web application designed to monitor and manage botnets on GNU/Linux and MS Windows via the HTTP protocol, which we discussed recently. It is part of an even more ambitious project by its author (who calls himself "cross"), called Hybrid Remote Administration System, which we will talk about soon ;P
This time, it is version 3 of the TRIAD botnet. This web application is still in its "infancy", but it is nevertheless in constant development, and since version 2 it has become multi-platform crimeware. Its full name is actually TRIAD HTTP Control System v0.3.
This latest version of the crimeware has slight differences (improvements, its creator would say) with respect to its predecessor. At first glance, what stands out is its new interface, something that, we might say, characterizes the application.
Like its predecessors, it is written in C++ and compiled with GCC.
While it has no statistics of the kind found in more sophisticated crimeware applications, it has a number of options that make it a danger. For now, its features are:
On GNU/Linux systems:
Small HTTP Server: [HTTP Server]-[Port]-[Time(minutes)]
Bind Shell: [Bind Shell]-[Port]-[Allowed IP Address]
While the version for Windows platforms includes:
Small Proxy Server: [UdpStorm]-[Target IP]-[Target Port]-[Nr of Packets]-[Delay]
Reverse Shell: [Proxy Server]-[Port]-[Time(minutes)]
Regardless of the platform, the two versions have in common the ability to:
Sleep
Reboot remote machine
Shutdown remote machine
Delete bot from remote machine
The configuration file is generated and then compiled to create the bot, so a new piece of crimeware is obtained through a few simple steps.
However, this has a drawback related to optimization: when the bots are upgraded, it has to be done individually, which is annoying for an advanced botmaster.
Crimeware of this style has created a trend that is hard to stop, one that marks a turning point in the control and administration of botnets and represents a major effort for the security community in the fight against organized cyber crime, which is the current state of criminal activities committed through the Internet.
Related information on this blog
TRiAD Botnet II. Remote administration of zombies...
TRiAD Botnet. Remote administration of zombies on Linux
Eleonore Exploits Pack. New crimeware In-the-Wild
Special!! ZeuS Botnet for Dummies
ElFiesta. Zombie recruitment through multiple threats
Adrenalin botnet: command zone. The Russian crimeware marks...
Chamaleon botnet. Administration and monitoring of downloads
YES Exploit System. Another crimeware made in Russia
Barracuda Bot. Actively exploited botnet
Unique Sploits Pack. Crimeware to automate...
Botnet activities
Fusion. A concept adopted by current crimeware
ZeuS Carding World Template. Playing at changing the face...
Unique Sploits Pack. Manipulating the attacker's security...
Scripting attack II. Combining crimeware to obtain...
Zeus Botnet. Massive propagation of its trojan. Second part
Danmec Bot, Fast-Flux networks and recruitment of Zombie PCs
Jorge Mieres