MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


Barracuda Bot. Botnet actively exploited

Criminal processes carried out by cybercriminals through the exploitation of different crimeware applications designed for these purposes, are gaining notoriety because of the number of cases known at present, where malicious code spread via botnet are responsible for forming the way for further attacks and recruiting zombies.

Barracuda bot is a new alternative for offenders who also characterized by joint actions allow for any botnet, has special features which turn it into a "criminal tool" that allows "adapt to the needs of offenders".

Barracuda botnet is a bot, of Russian origin with English interface, completely modular with each module handles a specific task, offering the ability to update or add modules depending on the features you want to add to control zombies.

Thus, the offender may be buying the modules according to the criminal actions you want to commit, simply, through a control panel and administration via the web.

Moreover, it incorporates features of "security" as the encryption of the information transmitted by the bot, and the ability to restore their "business" via an emergency management system that reacts in case of a fall, allowing follow administration of the bot through IRC.

Among the most important features that incorporates this botnet are: the ability to download and run binaries. Exe and. Dll not infect previously infected machines again, encryption and polymorphism, among many others.

But undoubtedly, the striking of this, and reflecting that criminal activities conducted by the Internet is a real deal.

The crimeware is worth USD 1600 in the full version, ie all modules, but also offering a smaller version of USD 1000 that incorporates all the modules except the DDoS (Distributed Denial of Service).

Barracuda bot clients receive advice and support for free, even, also offers a licensing model atypical in these activities. The sale is limited to five (5) persons suffering updates a 60% discount with the purchase of two (2) modules accessing a 10% discount on the purchase of the next.

The modules are available at the moment are:
  • DDoS Module. By which you can do: HTTP GET/POST flood, UDP flood, ICMP flood, TCP flood, IP spoofing. Its value is USD 900.
  • Email Grabber module. Lets gather email addresses from the HD, gather email addresses from the address book from different customers, and capture real-time address each time you access the Internet. Its value is USD 600.
  • Proxy Module. Increases the number of simultaneous connections for a more "efficient" sending spam, among other activities at the statistics. Its value is USD 500.
  • PWDGRAB module. Clearly designed to steal sensitive information like passwords for websites, email accounts, FTP accounts, etc.. The value is USD 500.
  • SSLSOCKS module. This module is in its beta stage and can "build a VPN" on the same bot. Its cost is USD 500.

0 comentarios:

Post a Comment