Tuesday, August 02, 2022

In Retrospective - A New DIY Herpes Botnet Builder Spotted in the Wild - An OSINT Analysis

I've recently come across a new malicious DIY botnet builder release and decided to share my findings, including screenshots, in order to put as much information as possible about this release in front of the community and improve everyone's situational awareness.

Sample screenshots:

Among the key features of the new DIY botnet builder is a global map plotting the geographic distribution of infected hosts; the malware authors' evident intent is to make it easier for their customers to keep track of newly infected hosts.

Related MD5s known to have been involved in the campaign include:

MD5: cdb54a3654ff2fdda7e90c48cbacda02
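As an added example (not part of the original post), here is a small Python sweep that streams every file under a directory through MD5 and reports matches against a set of known-bad hashes seeded with the indicator above. The `self_check` helper, the directory layout and the file contents it writes are constructed for the demonstration; they are not samples from the campaign, so the real indicator is not expected to hit on them.

```python
import hashlib
import tempfile
from pathlib import Path

# Indicator published in the post above; extend this set from your own feed.
KNOWN_BAD_MD5 = {"cdb54a3654ff2fdda7e90c48cbacda02"}


def md5_of_file(path, chunk_size=1 << 20):
    """Stream a file through MD5 so large samples are never loaded whole into memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def sweep(root, iocs=KNOWN_BAD_MD5):
    """Return [(path, md5)] for every regular file under root whose MD5 is in iocs.

    MD5 is adequate for matching a published IOC; it is not proof of integrity,
    so treat a hit as a triage lead rather than a verdict.
    """
    hits = []
    for p in Path(root).rglob("*"):
        if not p.is_file():
            continue
        try:
            digest = md5_of_file(p)
        except OSError:
            # Unreadable files (permissions, vanished temp files) are skipped, not fatal.
            continue
        if digest in iocs:
            hits.append((str(p), digest))
    return hits


def self_check():
    """Constructed test data: one benign file plus one file standing in for a sample.

    Returns (hits against a constructed IOC set, hits against the post's IOC set).
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "sub").mkdir()
        (root / "sub" / "notes.txt").write_bytes(b"nothing to see here")
        fake_sample = root / "dropper.exe"  # constructed name, not a real artifact
        fake_sample.write_bytes(b"constructed stand-in for the builder sample")
        constructed_ioc = {md5_of_file(fake_sample)}
        return sweep(root, constructed_ioc), sweep(root)


if __name__ == "__main__":
    found, found_real = self_check()
    print("constructed IOC hits:", found)
    print("post IOC hits (none expected on constructed data):", found_real)
```

Run it against a suspect directory with `sweep("/path/to/quarantine")`; the default IOC set contains only the hash from this post, so add hashes from other reporting before relying on it for triage.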

I'll continue monitoring the development of this DIY botnet builder and will post updates as soon as new developments take place.

In Retrospective - A New Dedal DDoS Bot Spotted in the Wild - An OSINT Analysis


I've recently stumbled upon yet another newly released DDoS bot. It offers the standard feature set typical of such malicious software releases and tries to differentiate its proposition within the cybercrime ecosystem by offering different pricing models to prospective customers.



I'll continue monitoring the development of this DDoS bot and will post updates as soon as new developments take place.

In Retrospective - A New E-Shop for Compromised PCs Spotted in the Wild - An OSINT Analysis


I've recently spotted a newly launched E-Shop selling access to compromised PCs. The buyers' goal is to use that access to lay the foundations for a botnet propagation campaign and to mine the hosts for data, primarily credentials for major Web properties.

The E-Shop offers access to compromised PCs in a variety of geographic locations, so that a customer can segment the available population and buy only hosts in the countries they actually need.

I'll continue monitoring the development of the E-Shop and will post updates as soon as new developments take place.

In Retrospective - A New Armageddon DDoS Bot - An OSINT Analysis


I've decided to share a recently released Armageddon DDoS bot, which aims to differentiate itself not just through standard DDoS bot features and functionality but also through the fact that it is under active development by its authors, who are positioning it as a market-leading DDoS bot in order to attract new customers.

The bot offers a variety of DDoS attack types, and despite its rather modest GUI it has the capacity to cause widespread damage, given the number of affected users internationally.

I'll continue monitoring the actual development of the bot and post updates as soon as new developments take place.

In Retrospective - A New Anthena DDoS Bot Spotted in the Wild - An OSINT Analysis

I've decided to resume posting entries in my upcoming blog post series, "In Retrospective", where my aim is to share interesting findings from across the cybercrime ecosystem, covering new malicious software releases and other underground market propositions, in order to offer a unique peek inside today's modern cybercrime ecosystem.

Case in point is the Anthena DDoS bot, which has a variety of unique features and should be considered a fairly recent release: users buy it, use it to build botnets, and launch new DDoS attacks against their victims.

Sample screenshot of the malicious software in action:

It should be fairly easy to conclude that every time the bad guys launch a new DDoS bot on the market, the lifecycle of that release tends to grow in proportion to the availability of new features, including new ways of evading antivirus detection. Well-documented source code offered for sale extends the lifecycle further, since it lets third parties, from the general public to other malware authors, introduce new features of their own.

Sample Screenshots of TDoS (Telephony Denial of Service) Tools - An OSINT Analysis

Did you know that for a modest financial investment you could outsource the taking down of someone's mobile phone, a competitor's, or even an organization's entire phone system, by hiring a Russian-based TDoS (Telephony Denial of Service) provider? These providers rely on publicly known DoS (Denial of Service) techniques, including automated CAPTCHA breaking to register hundreds of rogue and bogus accounts, which are then used in bulk to flood the victim with calls, with the target chosen according to the requirements of the individual outsourcing the attack.

I've recently decided to dig a little deeper into this booming market segment within the cybercrime ecosystem and found a multitude of propositions from different providers, where a prospective user can even get a price bargain on their way to launching a TDoS (Telephony Denial of Service) attack against a victim, a competitor, or an organization's entire phone system.

I'll continue taking a deeper look inside this emerging and booming cybercrime ecosystem market segment for TDoS (Telephony Denial of Service) attacks, and I'll post updates as soon as new developments take place.