Difference between revisions of "Dorkbot"

From Botnets.fr
Jump to navigation Jump to search
m (Text replacement - "=Unknown" to "=")
 
Line 3: Line 3:
|Alias=Ngrbot
|Alias=Ngrbot
|Target=Microsoft Windows
|Target=Microsoft Windows
|UserAgent=Unknown
|UserAgent=
|CCProtocol=IRC
|CCProtocol=IRC
|Feature=Bitcoin mining, USB vector, Skype vector, File download, SYN flood, UDP flood, Slowloris, DNS blocking of AV companies, Geolocalisation, Twitter password theft, Facebook password theft, Bebo password theft, Friendster password theft, Paypal password theft, Netflix password theft, Sendspace password theft, IM password theft,
|Feature=Bitcoin mining, USB vector, Skype vector, File download, SYN flood, UDP flood, Slowloris, DNS blocking of AV companies, Geolocalisation, Twitter password theft, Facebook password theft, Bebo password theft, Friendster password theft, Paypal password theft, Netflix password theft, Sendspace password theft, IM password theft,
|Status=Unknown
|Status=
|BeginYear=2011
|BeginYear=2011
|EndYear=Unknown
|EndYear=
|Group=DDoSing
|Group=DDoSing
|Fonctionnalités=* Vols d'identifiants (IM, réseaux sociaux - [[feature::Twitter password theft|Twitter]], [[feature::Facebook password theft|Facebook]], [[feature::Bebo password theft|Bebo]], [[feature::Friendster password theft|Friendster]], [[feature::Paypal password theft|Paypal]], [[feature::Netflix password theft|Netflix]], [[feature::Sendspace password theft|Sendspace]]...)
|Fonctionnalités=* Vols d'identifiants (IM, réseaux sociaux - [[feature::Twitter password theft|Twitter]], [[feature::Facebook password theft|Facebook]], [[feature::Bebo password theft|Bebo]], [[feature::Friendster password theft|Friendster]], [[feature::Paypal password theft|Paypal]], [[feature::Netflix password theft|Netflix]], [[feature::Sendspace password theft|Sendspace]]...)

Latest revision as of 15:46, 8 August 2015

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

Dorkbot
Alias Ngrbot
Group DDoSing
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of:
Distribution of:
Campaigns:

Target Microsoft Windows
Origin
Distribution vector
UserAgent
CCProtocol IRC (Centralized)
Activity 2011 /
Status
Language
Programming language
Operation/Working group

Introduction

Dorkbot appelé également Ngrbot représente un réseau de machines zombies infectées par le cheval de Troie du même nom. Il est notamment connu pour ses modes de réplications divers tels que la messagerie instantané, les réseaux sociaux (notamment Facebook) et les périphériques amovibles.

Features


Associated images

Checksums / AV databases

Publications

 AuthorEditorYear
A chat with NGR BotChong Rong HwaInfoSec Institude2012
An analysis of Dorkbot’s infection vectors (part 2)Horea CoroiuMicrosoft Malware Protection Centre2012
Analysis of ngrBotKimberlyStopMalvertising2011
Dorkbot: conquistando LatinoaméricaPablo RamosESET2012
MSRT March 2012: breaking badRex PlantadoMicrosoft2012
NGRBot spreads via chatNiranjan JayanandMcAfee2012
Ngrbot steals information and mine BitcoinsSonicWALL UTM research teamSonicWALL2011
The Dorkbot risesBernadette IrincoTrend Micro2012
Retrieved from "https://www.botnets.fr/index.php?title=Dorkbot&oldid=12344"