BoteAR: a “social botnet”- What are we talking about

Jump to navigation Jump to search

(Publication) Google search: [1]

BoteAR: a “social botnet”- What are we talking about
Botnet BoteAR
Botnet/malware group
Exploit kits
Distribution vector
Operation/Working group
Date 2012 / October 11, 2012
Editor/Conference Kaspersky lab
Link (Archive copy)
Author Jorge Mieres
Type Blogpost


In information security, talk about botnets equals talk about malicious actions that materialize through criminal action. In essence, we think there is always a hostile attitude on the part of those who administer them. Please correct me colleagues, refute this if I'm wrong, but I think conceptually you agree with me.

BoteAR (developed in Argentina) adopts the concept of "social networks" although it seems, as yet, not fully materialized. It offers a conventional and manageable botnet via HTTP but uses the model of crimeware-as-a-service. Moreover, the author seems to adopt (maybe unknowingly) the business model of affiliate systems originating in Eastern Europe which are used to spread malware i.e. infect and get revenue for each node you infect.

So far nothing unusual, unfortunately we witness this kind of tactic every day. The striking thing about BoteAR though is that it tries to shield itself under a wrapper of security in an attempt to "fraternize" with its community.


 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1178,
   editor = {Kaspersky lab},
   author = {Jorge Mieres},
   title = {BoteAR: a “social botnet”- What are we talking about},
   date = {11},
   month = Oct,
   year = {2012},
   howpublished = {\url{}},