Botnet Launches DDoS Attack Capability

Wednesday, March 16, 2011 @ 08:03 PM gHale


SpyEye gained an update with distributed denial-of-service (DDoS) functionality that can attack a command and control (C&C) blacklisting project.

The new DDoS plug-in added into SpyEye v.1.3.10 specifically to attack abuse.ch, said experts from RSA Fraud Action Research Lab.

Abuse.ch is a project the Swiss security researcher Roman Hüssy created several years ago to track C&C servers for the most prevalent botnets.

The effort started with ZeuS Tracker and expanded with SpyEye tracker and more recently Palevo Tracker.

All of these services track C&Cs in real time using a variety of techniques and they provide useful data for ISPs and companies who use it to block the offending IPs at network level.

The abuse.ch trackers are so effective that high profile SpyEye botnet masters have recently began brainstorming to find methods to destroy them or at least throw them off track, said independent security journalist Brian Krebs

“DDoS attacks not only hurt the website’s availability by clogging its bandwidth with junk web traffic. When coupled with data corruption it could also render critical security information used by service providers, security researchers and the general public both unavailable and/or tainted,” said RSA researchers.



Leave a Reply

You must be logged in to post a comment.