Cyber Crime and Cyber Terrorism



Cyber crime and cyber terrorism investigators handbook by Babak

A botnet roadmap
It was around 2003 that the criminal interest in botnet capabilities began to become apparent. At the start of the decade, spamming was still a “home-work” occupation with large volumes of Spam sent from dedicated Server Farms, Open Relays or compromised servers.
Bagle and Bobax were the first spamming botnets, and the malware Mytob was essentially a blend of the earlier mass-mailing worms MyDoom and SDbot. This enabled criminals to build large botnets and distribute their spamming activities across all of their victims' PCs, giving them agility and flexibility and helping them to avoid the legal enforcement activity that was starting to be aggressively pursued.
In 2005, a Russian group of five developers known as UpLevel started developing Zeus, a “Point-and-Click” program for creating and controlling a network of compromised computer systems (Lemos, 2010). The following year they released the first version of the program, a basic Trojan designed to hide on an infected system and steal information. In 2007, the group came out with a more modular version, which allowed other underground developers to create plug-ins to add to its functionality. Five years of development later, the latest version of this software (which can be downloaded for free and requires little technical skill to operate) is one of the most popular botnet platforms for spammers, fraudsters, and people who deal in stolen personal information (note the increase in the number of actions that can be performed with a piece of malware). The latest Zeus platform allows users to build custom malicious software to infect target systems, manage a wide network of compromised machines, and use the resulting botnet for illegal gain. The construction kit contained a program for building the bot software and Web scripts for creating and hosting a central Command and Control server (Figure 17.1).
A survey conducted by a security firm—Atlanta-based Damballa—found Zeus-controlled programs to be the second most common inside corporate networks in 2009. Damballa tracked more than 200 Zeus-based botnets in enterprise networks. The largest single botnet controlled using the Zeus platform consisted of 600,000 compromised computers.
Consequently, independent developers have created compatible “exploit packs” capable of infecting victims’ systems using vulnerabilities in the operating system or browser. Other developers focus on creating plug-in software to help “wannabe” cybercriminals make money from a Zeus botnet. For example, some add-ons focus on phishing attacks, delivering the images and Web pages needed to create fraudulent banking sites. With these features, it is very hard for antivirus software to identify a Zeus payload (Binsalleeh et al., 2010; Falliere and Chien, 2009; Wyke, 2011).
Zeus is obviously not the only tool available for building a botnet, but its birth is a milestone for the entire cybercriminal sector, since it was designed with the “non-expert” user in mind, including simple point-and-click interfaces for managing infected machines (for these reasons it is called the ZeuS Crimeware family). For example, the ZeroAccess botnet, which specialized in click fraud attacks and was apparently disrupted in 2013, was probably wider than Zeus (millions of infections globally are estimated for 2012, with up to 140,000 unique IPs in the US and Europe).


