Arbor Networks Identifies Fresh DDoS Botnet

Investigators at Arbor Networks the security company claim that they've found one fresh botnet, which targets big corporate organizations while executing DDoS (Distributed Denial-of-Service) assaults.

The malware, which is named JKDDOS, was initially seen two years back during September 2009. However, from then on, 50 variants of the malware emerged till December 2010 when it became a prolific botnet.

The majority of these variants emerged from China while all their C&C servers, except one, used the hosting services of Chinese Internet Protocol addresses, Arbor reports.

Highlights Arbor that JKDDOS automatically loads onto a target PC and takes position within its system32 directory where it gives itself names to appear as system files. Thereafter, it runs during start up by acting like a service registered onto the machine.

In this situation, attackers manage to command bots for taking down and running files, execute orders on the contaminated computers, restart or shutdown host PCs, or carry out no less than 16 separate kinds of DOS assaults, the company discloses.

Indeed, JKDDOS may be a hired tool for launching a criminal DOS condition; however, there aren't any evidences for confirming or not confirming that the code is of this nature, Arbor Networks contends.

Amazingly, the JKDDOS botnet, which is technically not very extraordinary, executes packet-flooding assaults against particular websites through bot-contaminated compromised computers popularly called zombies. These websites getting attacked during the months comprised online stores and gaming sites along with other more strange as well as doubtful websites.

For instance, one investment company was attacked again and again, the security company reports. Stated Security Researcher Jeff Edwards at Arbor Networks, a particularly reputed investment firm within New York was attacked repeatedly through the JKDDOS botnet six times beginning from October 21, 2010 for ten days long when the shortest assault lasted for 3 hours and the longest, 33 hours. Theregister.co.uk published this on March 9, 2011.

Edwards further said that 3 of the total victims had certain association with gold mining, while another one mined manganese. Moreover, the botnet had as well attacked one big enterprise, which produced exquisite wines, he concluded.

Related article: Airport Website Used To Attack NAB Customers

» SPAMfighter News - 3/21/2011