Mining Botnet gets DDoS Boost

Monday, August 29, 2011 @ 05:08 PM gHale

A P2P Bitcoin mining botnet now has distributed denial of service (DDoS) capabilities, a security researcher said.

It’s main reason of existence has so far been Bitcoin mining, as the bot installs three Trojans with that function (Ufasoft, RCP and Phoenix), but it also functions as a way of delivering other malicious software to the infected machines, said Kaspersky Lab expert Tillmann Werner.

Battery Sites Suffer Attacks
New DoS Tool Hits Cyber Street
Man in the Middle Attack? Not So Fast
Encryption Standard Can be Beat

And among the delivered files are two DDoS program. The attack targets change as the botnet operators deliver different victim lists, according to H Security.

Currently, the first module, which uses HTTP flooding, is attacking 31 German and two Austrian estate agency portals and food industry sites.

The second one, using UDP flooding, is targeting the IP addresses of companies that offer anti-DDoS services.

Among the food industry sites targeted is, which confirmed it suffered an attack for three hours, during which 20,000 – 30,000 HTTP requests per second, coming from some 50,000 IP addresses, hit the firm.

Given the P2P architecture, this botnet will be extremely hard to take down. As things stand, the number of infected machines taking part of it is increasing. And, as its targets are easy to update by its operators, the next victims will likely come from the people who will rent its services in the future.

Leave a Reply

You must be logged in to post a comment.