Difference between revisions of "The anatomy of a botnet"
m (1 revision imported) |
m (Text replacement - " août " to " aug") |
||
Line 8: | Line 8: | ||
|Author=ASERT, | |Author=ASERT, | ||
|NomRevue=ASERT Blog | |NomRevue=ASERT Blog | ||
|Date=23 | |Date=23 aug2010 | ||
|Editor=Arbor SERT | |Editor=Arbor SERT | ||
|Year=2010 | |Year=2010 |
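Review bot: In the Date line of this hunk the new revision reads "Date=23 aug2010", with no space between the month and the year. This matches the replacement string " aug" in the edit summary, which has a leading space but no trailing one. Suggest a replacement string that keeps the trailing space so the field reads "23 aug 2010", and check other pages touched by the same text replacement for the same fused date.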
Latest revision as of 21:30, 5 August 2015
The anatomy of a botnet | |
---|---|
Botnet | YoYo |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | HTTP |
Date | 2010 / 23 Aug 2010 |
Editor/Conference | Arbor SERT |
Link | http://www.arbornetworks.com/index.php?option=com_docman&task=doc_download&gid=494&Itemid=615 (www.arbornetworks.com, archive copy) |
Author | ASERT |
Type |
Abstract
“A new family of DDoS bots started showing up in our sandboxes in May. The first sample was analyzed on May 7, and since then our sandboxes have processed over 70 specimens from this family. Upon further analysis, it turns out that we had actually started receiving specimens as early as March, 2010. We have been using the moniker “YoyoDdos” to refer to this family (derived from the hostname of one of the initially observed C&C servers.)”
Bibtex
@misc{2010BFR902,
  editor = {Arbor SERT},
  author = {ASERT},
  title = {The anatomy of a botnet},
  date = {23},
  month = Aug,
  year = {2010},
  howpublished = {\url{http://www.arbornetworks.com/index.php?option=com_docman&task=doc_download&gid=494&Itemid=615}},
}