Don't worry, it's just another bot. No, It's a CrimewareBot, O SH*T!

August 8, 2008


So viruses spread back in the day, then got PWNed by antivirus, then vulnerabilities led to exploits, which led to worms. Worms get PWNed by antivirus, worms get whittled down and turned into trojans that become massively networked to become bots, which came from IRC scripts. Everything is now hidden by rootkits and protected from reverse engineering and analysis by packing, crypting, polymorphism and metamorphism. Advanced features are built in, such as automatic bank account balance checking… YEOCH. Been going on for years.

Here is an example of one such bot (COREFLOOD) that has been OWNING for years and got progressively nastier. It now targets power users in organizations who can use sysadmin tools such as psexec and Microsoft SMS or patch distribution mechanisms to seed entire organizations, including the STATE police. Fun Fun. Wonder what data systems they have access to now. O yea, keystroke logging, cookie theft, and password grabbing on the wire, but that’s all STANDARD now in this malware code. The guys at SecureWorks are badasses for researching this.

This little ditty had HUNDREDS of gigabytes of user data and credentials on its drop site, most of which had already been pulled off. Not to mention all the CASH MoOLa they have walked off with. $90,000 grand on one account alone.

O ya, and No, they still haven’t caught the guys yet. When the US government charges the head driver/protector of Osama bin Laden with 5 years in jail even though he most likely knew about the 9/11 plot, what kind of penalties do you think we are levying against extreme ripoff artists with digital weapons….. HRMMM?

WHY THE FUCK is everyone still focused on STORM when this stuff is running around?! Granted, Storm is pretty kickass because it's decentralized and using a hacked up OVERNET p2p protocol and FAST-FLUX. More on that later. I did tons of research on P2P and its disruptive effects a long time ago, awesome stuff.

By the way, why the hell do we not see any AES-encrypted malware out there? Are malware coders dumbasses, because almost all of the encryption in their products is based on RC4/ROT13/Base64 or some other weak-ass pseudo crypto/encoding/scrambling that gets easily broken?

I’m going to have to search for lightweight AES implementations.
