BoteAR: a “social botnet”- What are we talking about

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

BoteAR: a “social botnet”- What are we talking about
Botnet BoteAR
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / October 11, 2012
Editor/Conference Kaspersky lab
Link https://securelist.com/blog/research/57768/botear-a-social-botnet/ (Archive copy)
Author Jorge Mieres
Type Blogpost

Abstract

In information security, talk about botnets equals talk about malicious actions that materialize through criminal action. In essence, we think there is always a hostile attitude on the part of those who administer them. Please correct me colleagues, refute this if I'm wrong, but I think conceptually you agree with me.

BoteAR (developed in Argentina) adopts the concept of "social networks" although it seems, as yet, not fully materialized. It offers a conventional and manageable botnet via HTTP but uses the model of crimeware-as-a-service. Moreover, the author seems to adopt (maybe unknowingly) the business model of affiliate systems originating in Eastern Europe which are used to spread malware i.e. infect and get revenue for each node you infect.

So far nothing unusual, unfortunately we witness this kind of tactic every day. The striking thing about BoteAR though is that it tries to shield itself under a wrapper of security in an attempt to "fraternize" with its community.

Bibtex

 @misc{Mieres2012BFR1178,
   editor = {Kaspersky lab},
   author = {Jorge Mieres},
   title = {BoteAR: a “social botnet”- What are we talking about},
   date = {11},
   month = Oct,
   year = {2012},
   howpublished = {\url{https://securelist.com/blog/research/57768/botear-a-social-botnet/}},
 }