Darkness DDoS bot version identification guide
Revision as of 22:23, 5 August 2015 by Eric.freyssinet (talk | contribs) (Text replacement - " www.shadowserver.org" to "")
(Publication) Google search: [1]
| Darkness DDoS bot version identification guide | |
|---|---|
| Botnet | Darkness |
| Malware | Darkness (bot) |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2011 / 27 janvier 2011 |
| Editor/Conference | Shadowserver Foundation |
| Link | http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110127 (Archive copy) |
| Author | André M. DiMino, Mila Parkour |
| Type | |
Abstract
“ Since the last post about the Darkness DDoS bot, there have been some questions and uncertainty about the versions of this bot and the latest version available. Understanding the different versions of the bot allows for easier identification of the malware during its analysis.
We want to provide an update to these past posts and provide additional information about the current and previous versions of the Darkness DDos bot.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR839,
editor = {Shadowserver Foundation},
author = {André M. DiMino, Mila Parkour},
title = {Darkness DDoS bot version identification guide},
date = {Error: Invalid time.},
month = Error: Invalid time.,
year = {2011},
howpublished = {\url{http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110127}},
}