
Aidra bot-net


All times are UTC - 5 hours [ DST ]


Posted: Wed Feb 29, 2012 5:17 am
Spam Reporter

Joined: Thu May 20, 2010 12:29 am
Posts: 126
Aidra bot-net
Copyright (C) 2011 Federico Fazzi, <federico@ahacktivia.org>
Quote:
a mass-tool commanded by irc that allows scanning and
exploiting routers for make BOTNET (in rx-bot style), in addition to this, with aidra you can perform some attacks with tcp/udp flood.


From http://www.atma.es/
Quote:
URGENT:
We are detecting a great amount of attacks -mainly Telnet- coming from all sorts of devices like home routers, IPTV set-top boxes, DVDRs, VoIP devices and media centers that have been hijacked by a new malware, named by its primary author "The Aidra bot-net".

Chances are that your desktop antivirus, firewall, etc. will neither detect it nor stop it. Try to keep your net devices off as long as possible, avoid -more than ever- default/empty/trivial passwords and close every port you don't really need.
...
2012 Atma.es, January 26th - February 12th.

The "read more" links to a zip file containing two live samples, some screen captures and a readme.
Code:
http://www.atma.es/aidra.zip


I would have posted in this topic:
P2P (sort of) replaces ZeuS C&C
but I'm not sure if Symantec is talking about the same thing.

_________________
Opto, ergo sum


Posted: Wed Feb 29, 2012 9:55 am
You are kiillllling-a my bizinisss!

Joined: Thu Mar 01, 2007 3:01 am
Posts: 5915
The first thing I thought of was Activia, a yogurt in the US that's supposed to help your bowel function. Interesting name for something that attacks via "floods."


Posted: Wed Feb 29, 2012 5:10 pm
Spammer Killing Machine

Joined: Sun Jun 13, 2010 5:22 pm
Posts: 528
AlphaCentauri wrote:
the first thing I thought of was Activia, a yogurt in the US that's supposed to help your bowel function. Interesting name for something that attacks via "floods."
Is Activia ActiveXEnabled? :)

A botnet that I have encountered a few times within the last week checks for mobile devices visiting its malicious web pages. An example is decoded at
http://jsunpack.jeek.org/dec/go?report= ... c12cad85b3

A comment by HansTheBlueFrog in a WOT forum suggests that the cutwail spambot network may be responsible.


Posted: Wed Feb 29, 2012 8:01 pm
Spam Reporter

Joined: Thu May 20, 2010 12:29 am
Posts: 126
If you DL the samples, you'll find inside the readme, the author claims his Aidra to be a rewrite of Hydra - Googled

his Tweets: http://twitter.com/#!/federicofazzi

WOT scorecard: twitter.com/federicofazzi

_________________
Opto, ergo sum


Last edited by g7w on Wed Feb 29, 2012 8:34 pm, edited 1 time in total.

Posted: Wed Feb 29, 2012 8:05 pm
Spam Reporter

Joined: Thu May 20, 2010 12:29 am
Posts: 126
AlphaCentauri wrote:
the first thing I thought of was Activia, a yogurt in the US that's supposed to help your bowel function. Interesting name for something that attacks via "floods."

LOL

It's a wonder the author didn't use the pen name J L Curtis; after all, she is the Scream Queen

_________________
Opto, ergo sum

