| ||
Sat 2025-02-22
Wed 2025-02-19
Tue 2025-02-18
Sun 2025-02-16
Sat 2025-02-15
Fri 2025-02-14
Thu 2025-02-13
Wed 2025-02-12
Sun 2025-02-09
Fri 2025-02-07
David Hockney's A Rake's Progress Thu 2025-02-06
Wed 2025-02-05
Search
Archives
2024
12 11 10 09 08 07 06 05 04 03 02 01
2023
2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
One good site
MDN
Nelson Minar
Blog licensed under a Creative Commons License
|
Lurhq has a fascinating analysis of
phatbot, the latest Windows worm payload.
These zombie networks have
been around for a few years and are responsible for distributed denial
of service attacks and spam distribution. They have sophisticated
control networks.
Note the evolution of these bots:
Phatbot is actually a direct descendant of Agobot, with additional
code rolled in from other sources. These additions have made Phatbot a
more versatile and dangerous threat in the realm of Internet security.
Do they share source? Or binary hacks?
What's most interesting is this is the first big bot network that doesn't use IRC for the control channel. Instead it uses WASTE, bootstrapped by Gnutella. No encryption yet. We've come a long way since The Morris Worm (whose author is now an MIT professor). Stacheldraht was the first of the coordinated worms I learned about; amazing how much further it's come. We're still not quite to the 8 minute nightmare of Warhol worms, although Slammer was close. These things are so powerful, I just wish someone could use them for good. As seen on warmbrain
Thanks to Marc for pointing out how interesting this was |
|
