SecurityRatty: tag: irc

PAINTing a Botnet IRC Channel

2008-01-14 19:02:52 by HASH0x8a264c4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

I suppose that even for a script kiddie it takes extra time and patience to come up with such a spoofed IRC channel getting crowded with infected hosts. Drawing courtesy of a script kiddie's wishful thinking. Here are some screenshots from the real world , and some of the most recent developments I covered in previous posts

Tags: script kiddie, irc channel, takes extra time, recent developments, real world, previous posts, hosts, courtesy, wishful

Romanian Script Kiddies and the Screensavers Botnet

2008-04-08 03:48:40 by HASH0x8ae5de0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...IRC bot doesn't necessarily mean you posses a certain know-how, a know-how that experienced botnet masters have been outsourcing for years . Malware is obtained through links pointing to xhost.ro/filehost/phrame.php?action=saveDownload&fileId=15735 xhost.ro/filehost/phrame.php?action=editDownload&fileId=12923...

Tags: botnet, botnet masters, script kiddies, romanian script kiddies, botnet courtesy, ny2fw15, alternative botnet, irc, irc bot

Securabit security podcast guest appearance

2008-11-04 11:50:22 by Editor in Irongeek's Security Site

Securabit will be streaming somewhere around 7:30pm EST on Wed, November 5th and have tentatively scheduled me to come on the show. Join them on IRC or Skype: IRC: irc://irc.freenode.net/securabit Skype: (469) 277-2248 Should be fun, and I hope not to embarrass myself live

Tags: irc, skype, netsecurabit skype, 30pm est, november 5th, securabit, freenode, hope, fun

Securabit security podcast guest appearance

2008-11-04 11:50:22 by Editor in Irongeek's Security Site

Securabit will be streaming somewhere around 7:30pm EST on Wed, November 5th and have tentatively scheduled me to come on the show. Join them on IRC or Skype: IRC: irc://irc.freenode.net/securabit Skype: (469) 277-2248 Should be fun, and I hope not to embarrass myself live

Tags: irc, skype, netsecurabit skype, 30pm est, november 5th, securabit, freenode, hope, fun

Inside the Chinese Underground Economy

2007-12-09 22:34:23 by HASH0x89e9090 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...IRC (In-ternet Relay Chat). They typically use bulletin board systems on the Web or IM software like QQ tocommunicate with each other. Orthogonal to a study on the underground black market located within IRC networks, we measure the Chinese-specific underground black market on the Web. We focus onthe most important part located at...

Tags: chinese, chinese underground, underground, underground economy, chinese web, chinese red hackers, china, china eagle union, underground black market

BlackEnergy DDoS Bot Web Based C&Cs

2008-02-12 18:46:35 by HASH0x8b1c6c4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...IRC. Also, wedo not see any exploit activities from this bot, unlike a traditional IRC bot. This is a small(under 50KB) binary for the Windows platform that uses a simple grammar tocommunicate. Most of the botnets we have been tracking (over 30 at present) are locatedin Malaysian and Russian IP address space and have targeted Russian sites...

Tags: ddos, bot, blackenergy ddos bot, blackenergy, ddos extortion, ddos attacks, traditional irc bot, irc, botnet master

The reason behind the "We're sorry..." message

2007-07-09 11:54:00 by Niels Provos in Google Online Security Blog

...IRC channel. Adversaries can then remotely control the compromised web servers and use them for DDoS attacks, spam or phishing. Over time, the adversaries have realized that even though a botnet consisting of web servers provides a lot of aggregate bandwidth, they can increase leverage by changing the content on the compromised web servers to...

Tags: web servers, vulnerable web servers, message, google, worms, google displays, worms pdf, queries, detect anomalous queries

The Cybercrime Economy

2008-01-02 07:21:53 by Editor in Schneier on Security

Interesting article: While standard commercial software vendors sell software as a service, malware vendors sell malware as a service, which is advertised and distributed like standard software. Communicating via internet relay chat (IRC) and forums, hackers advertise Iframe exploits, pop-unders

Tags: malware, internet relay chat, malware vendors, software, standard software, service, pop-unders, forums, irc

Pushdo - Web Based Malware as Usual

2007-12-19 18:01:44 by HASH0x89b80bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...irca 2004/2005 The possiblities with PHP and MySQL in respect to flexibility of the statistics, layered encryption and tunneling, and most importantly, decentralizing the command even improving authentication with port knocking are countless. Besides, with all the buzz of botnets continuing to use IRC, it's a rather logical move for botnet...

Tags: malware, web based malware, pushdo, botnet masters circa, botnet masters, nuclear malware kit, botnet, pushdo author, botnet communication platforms

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo