A DDoS family affair: Dirt Jumper bot family continues to evolve

From Botnets.fr
Revision as of 23:35, 31 July 2015 by Eric.freyssinet


Botnet: Russkill, Dirt Jumper, Dirt Jumper September, Simple, Di BoTNet, Pandora
Date: 2012 / 2012-04-05
Editor/Conference: Arbor SERT
Link: https://asert.arbornetworks.com/a-ddos-family-affair-dirt-jumper-bot-family-continues-to-evolve/
Author: Curt Wilson

Abstract

Previous blog entries and analysis by others in the security community have shined a light upon the Dirt Jumper DDoS bot. Dirt Jumper continues to evolve (version 5 appears to be the newest) and a variety of other associated bot packages have emerged over time to include Simple, September, Khan, Pandora, the Di BoTNet and at least one private version of Dirt Jumper 5 that I am aware of. While we have collected about 300 malware samples of the Dirt Jumper family, it is likely that other variants are available, as the binaries and back-end PHP for Dirt Jumper have leaked several times. This makes it easy for someone to make slight modifications to the PHP or Delphi binary code and attempt to re-sell the bot, use the bot for their own purposes, or start making money with their own commercial DDoS service. Attacks from the Dirt Jumper family of bots continue to target victims all around the world in a robust manner and we will take a look at who is being attacked, although we cannot always determine the motive.

Bibtex

 @misc{2012BFR979,
   editor = {Arbor SERT},
   author = {Curt Wilson},
   title = {A DDoS family affair: Dirt Jumper bot family continues to evolve},
   date = {05},
   month = Apr,
   year = {2012},
   howpublished = {\url{https://asert.arbornetworks.com/a-ddos-family-affair-dirt-jumper-bot-family-continues-to-evolve/}},
 }