You dirty RAT! part 2 – BlackShades NET

From Botnets.fr
Botnet: BlackShades, DarkComet
Date: 2012 / 15 June 2012
Editor/Conference: Malwarebytes
Link: http://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/ (Archive copy)
Author: Adam Kujawa

Abstract

Last week we talked about the Remote Administration Trojan DarkComet and all the wonderful and scary things it can do. In response to the Twitter post announcing the blog, the author of DarkComet tweeted an answer to my big bold question:

“Considering that this is a Remote Administration Tool, to be used for good and what not….WHY DOES IT HAVE DDOS FUNCTIONALITY!?”

His answer was that he typically uses it for “Performing tests on his personal network to make sure it can protect against those kinds of attacks.” To simplify the answer, it’s like he built a bomb in order to see if his house was explosion-proof. He isn’t lying, it is possible to test your own defenses with such a weapon. I will leave it up to you, the reader, to decide whether or not that is a good enough reason to include the capability to perform Distributed Denial of Service attacks in his software.

Bibtex

 @misc{2012BFR1042,
   editor = {Malwarebytes},
   author = {Adam Kujawa},
   title = {You dirty RAT! part 2 – BlackShades NET},
   date = {2012-06-15},
   month = jun,
   year = {2012},
   howpublished = {\url{http://blog.malwarebytes.org/intelligence/2012/06/you-dirty-rat-part-2-blackshades-net/}},
 }