BoteAR: a “social botnet”- What are we talking about
BoteAR: a “social botnet”- What are we talking about | |
---|---|
Botnet | BoteAR |
Date | 2012 / October 11, 2012 |
Editor/Conference | Kaspersky lab |
Link | https://securelist.com/blog/research/57768/botear-a-social-botnet/ |
Author | Jorge Mieres |
Type | Blogpost |
Abstract
“In information security, talk about botnets equals talk about malicious actions that materialize through criminal action. In essence, we think there is always a hostile attitude on the part of those who administer them. Please correct me colleagues, refute this if I'm wrong, but I think conceptually you agree with me.
BoteAR (developed in Argentina) adopts the concept of "social networks" although it seems, as yet, not fully materialized. It offers a conventional and manageable botnet via HTTP but uses the model of crimeware-as-a-service. Moreover, the author seems to adopt (maybe unknowingly) the business model of affiliate systems originating in Eastern Europe which are used to spread malware i.e. infect and get revenue for each node you infect.
So far nothing unusual, unfortunately we witness this kind of tactic every day. The striking thing about BoteAR though is that it tries to shield itself under a wrapper of security in an attempt to "fraternize" with its community.”
Bibtex
@misc{2012BFR1178,
  editor = {Kaspersky lab},
  author = {Jorge Mieres},
  title = {BoteAR: a “social botnet”- What are we talking about},
  date = {11},
  month = Oct,
  year = {2012},
  howpublished = {\url{https://securelist.com/blog/research/57768/botear-a-social-botnet/}},
}