Social engineering meets the bot (part 3) - all is revealed

Monday, 6 December 2004, 2:36 PM EST

I left off in Part 2 of the article just at the point where we had converted the “ASM” to what it actually is ie: a PERL script. This script as we saw actually created a socket on the local computer, which in turn connected to an IRC server. The ultimate goal of this? In all likelihood to create a bot army that will probably be used in a DDoS attack on some site or online user.

When doing this kind of analysis always make sure that you are logging the packets themselves. To that end I would recommend using windump for win32, or tcpdump for Linux.

By Don Parker at WindowSecurity.com

[ Read more ]




Spotlight

Cloned, booby-trapped Dark Web sites steal bitcoins, login credentials

Apart from being a way for dissidents and journalists to do their business without being spotted and identified by "the powers that be", the Dark Web is also a place where criminals sell and buy illegal wares and services and, apparently, where they also get robbed by scammers.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jul 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //