Dirt Jumper DDoS bot increasingly popular
(Publication) Google search: [1]
| Dirt Jumper DDoS bot increasingly popular | |
|---|---|
| |
| Botnet | Dirt Jumper |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-05-30 |
| Editor/Conference | Arbor Sert |
| Link | https://asert.arbornetworks.com/dirt-jumper-ddos-bot-increasingly-popular/ (Archive copy) |
| Author | Jose Nazario |
| Type | |
Abstract
“ We’ve profiled the Dirt Jumper DDoS bot before and shown its evolution over the years. We then took this analysis into our zoo to see which DDoS bot families are growing in popularity with attackers. The marketplace has opened up significantly (see Curt’s excellent overview of DDoS tools and services) in recent years, and with that comes competition.
In the past few years, the popular kit we saw in our zoo was Black Energy, an easy to use, powerful DDoS bot distributed in Russian-language spheres. You could find it on the net for anywhere from $40 to free, depending on how hard you looked. Starting in 2009, Black Energy version 2 was available. It boasted a modular architecture and included banking theft Trojan functionality to augment the DDoS functionality. Another competitor that appeared in this timeframe was Optima or Darkness. It then becomes interesting to look in one’s zoo to see which families are popular at present.
The graphic below is from some quick analysis of our zoo, looking at our automated classification system that tags samples with the appropriate family name. Optima includes the group of Darkness, Optima and Votwup samples we have seen; Black Energy focuses on the BEv1 samples we have seen in the wild, and omits any BEv2 samples we have; Dirt Jumper includes all Russkill variants and Dirt Jumper variants we have seen. What we saw was a bit surprising, namely the rate at which Dirt Jumper samples appear in our zoo and quickly overtake the other families in terms of popularity. This matches anecdotally what we had seen, but the magnitude itself is surprising.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1017,
editor = {Arbor Sert},
author = {Jose Nazario},
title = {Dirt Jumper DDoS bot increasingly popular},
date = {30},
month = May,
year = {2012},
howpublished = {\url{https://asert.arbornetworks.com/dirt-jumper-ddos-bot-increasingly-popular/}},
}