Skynet, a Tor-powered botnet straight from Reddit

From Botnets.fr

Botnet: Skynet
Date: 2012 / 2012-12-06
Editor/Conference: Rapid7
Link: https://community.rapid7.com/community/infosec/blog/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit (Archive copy)
Author: Claudio Guarnieri, Mark Schloesser
Type: Blogpost

Abstract

While wandering through the dark alleys of the Internet we encountered an unusual malware artifact, something that we never observed before that gave us fun while we meticulously dissected it until late night.

The more time we spent looking at it, the more it started to look unusually familiar. As a matter of fact it turned out to be the exact same botnet that an audacious Reddit user of possible German origin named “throwaway236236” described in a very popular I Am A thread you can read here.

Following is an overview of this malware labelled by the creator as Skynet: a Tor-powered trojan with DDoS, Bitcoin mining and Banking capabilities, that we observed spreading through the veins of Usenet.

Bibtex

 @misc{2012BFR2233,
   editor = {Rapid7},
   author = {Claudio Guarnieri and Mark Schloesser},
   title = {Skynet, a Tor-powered botnet straight from Reddit},
   date = {06},
   month = Dec,
   year = {2012},
   howpublished = {\url{https://community.rapid7.com/community/infosec/blog/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit}},
 }