Aldi Bot – Build A Botnet For $15!

Psst – wanna build a Botnet – one that can launch a DDoS attack, steal passwords saved in Firefox, steal passwords for Pidgin, remotely execute any file, or use a victim’s computer as a proxy?

No big deal if you haven’t a clue when it comes to the intricacies of coding, or programming – doesn’t matter if you don’t have any hacking skills – if you’ve got just €10 (about $15) to spare, you can buy Aldi Bot …..

Screen shot published by the malware creator.

…. and, create your very own Botnet. Of course, you’ll need the underground forum addresses where this sly tool is available (no, you won’t get those here).

In an over the edge example of “let’s see how far I can push the envelope” – the kiddie script creator will provide hands on installation instruction for those who need it. According to researchers at GData, who discovered Aldi Bot –

“Chat logs, posted by the malware author, reveal that he actually provides personal assistance for the installation and implementation of the bots, even to malware rookies, so-called noobs, who do not have the slightest idea of how to work with the malicious tools. He even uses TeamViewer to make his customers happy and ready to attack.”

Aldi Bot in action.

In case you might think that this type of do-it-yourself malware creation kit is a new or an unusual phenomenon; it isn’t. Downloadable malicious programs, like this, have been available for some time. Examples of DIY malware kits we’ve covered here in the past, include –

Facebook Hacker

T2W – Trojan 2 Worm (Constructor/Wormer)

Constructor/YTFakeCreator

BitTera.C

I find it discouraging that wannabe cyber crooks, whose technical skills never got past the thumb-texting stage, have such ready access to such powerful malware creation tools. A rather sad reflection on the lack of resources available to the law enforcement community.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

The Teenage Hacker – Fact Or Myth?

Do teenage hackers exist in any significant number? More to the point – do they constitute a threat to your security on the Internet?

Hard statistics are understandably difficult to come by. But, in a study released last year by Panda Security, which looked at the Internet habits of adolescents between 15 and 18 years olds, we may have seen a least a partial answer.

Some of the general statistics brought out by the survey included the following:

More than 50% of those surveyed between 15 and 18 years old, use the Internet daily

Average weekly On-line connection time 18.5 hours

On-line studying activity accounted for 32% of this time

The remaining time involved leisure activities, such as playing games online, watching videos, listening to music, chatting, etc.

These statistics seem real and not unexpected, based on my own experience. But additional statistics generated by the same survey, may be cause for concern.

Two thirds of the survey participants stated they had, at least once, attempted to hack a friend’s instant messaging, or social network account.

As an Internet Security Blogger, the following statistic though, was particularly concerning – According to Panda “17% of adolescent users claim to have advanced technical knowledge, and are able to find hacking tools on the Internet. Of these, 30% claim to have used them on at least one occasion. When asked why, 86% said that curiosity had led them to investigate these public tools”.

See today’s article – BitDefender Says Facebook Hacker: A Do-It-Yourself Kiddie Script Is On The Loose!

I can tell you, based on reader responses to a number of articles I have written on so called “Kiddie Scripts”, and the background research for those articles, the tools referred to by these young people are readily available on the Internet.

I suspect that the typical Internet user would be outraged to see how readily available these free, and in many cases sophisticated hacking tools, really are.

The final statistic from Panda’s survey that interested me was the following, spoken to by Luis Corrons, Technical Director of PandaLabs.

“Even though the percentage is very low, we still come across too many cases of adolescent cyber criminals, such as the recent high-profile case of the 17-year-old creator of worms for Twitter.

We estimate that just 0.5% of these are detected by the corresponding authorities. Those who are drawn into hacking out of curiosity may well end up discovering the financial potential of this activity, and becoming criminals themselves.”

So, is this type of teenage behavior a real threat, or just fanciful teenage thinking? I’ll leave it for you to decide.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

BitDefender Says Facebook Hacker: A Do-It-Yourself Kiddie Script Is On The Loose!

We live in a do-it-yourself world. We’re encouraged to renovate our own homes, repair our own cars, publish our own newsletters, and more; all without the support of paid professionals. It’s fair to say, that we are immersed in a DIY culture.

Not surprisingly then, if you want to create your own malware that will allow you to steal passwords, drop viruses, worms, adware, and Trojans, on innocent people’s computers, you’ll find a DIY culture on the Internet ready to help with a wealth of do-it-yourself malware kits.

The latest, so called Kiddie Script scourge, recently discovered by BitDefender, is Facebook Hacker – identified by BitDefender as Trojan.Generic.3576478.

Using this highly sophisticated do-it-yourself kit, there is no need for amateur cyber- crooks to be familiar with the intricacies of coding, or programming. In the image below, you can see just how easy it is to create malware that can have devastating impact on a victim’s computer. All of this without having to have any hacking skills, or programming knowledge.

According to BitDefender, Facebook Hacker is an application driven by a point and click interface, making it dead easy to construct malware designed to steal login credentials.

As the screen shot shows, there are only three fields that need completion – a disposable e-mail address, a password, and a target.

After clicking the “build” button, a server.exe file is created and deposited into the Facebook Hacker folder along with the initial files. This newly created malware (server.exe), is now ready to do its dirty work.

Here’s how BitDefender describes a Facebook Hacker attack:

Once run, the malicious tool will snatch the victim’s Facebook account credentials, along with all the usernames and passwords that we carelessly ask the browser to remember for us.

In order to successfully collect passwords, the malicious binary includes applications able to squeeze data out of the most popular browsers on the market, as well as of almost all instant messaging clients available.

To add insult to injury, the application also enumerates all dialup/VPN entries on the computer and displays their logon details: User Name, Password, and Domain.

To avoid detection, the Facebook Hacker will look for processes related to a security suite and kill them upon detection. It is important to mention that it is accessorized with a hard-coded list of processes associated with AV solutions that are to be checked and stopped, if found.

Last but not least, the piece of malware looks for network monitoring applications and terminates them. This is a safety measure that will prevent curious users from seeing their passwords leave the system.

In case you might think that this type of do-it-yourself malware creation kit is a new or an unusual phenomenon; it isn’t. Downloadable malicious programs, such as this, have been available for some time.

Some well known examples we’ve covered here in the past include, T2W – Trojan 2 Worm (Constructor/Wormer) – Script Kiddie Paradise, Constructor/YTFakeCreator – A New Kiddie Script/Malware Downloader, and BitTera.C – DIY Malware Creator for Script Kiddies.

These applications are so sophisticated, that even advanced computer users, and business networks, have been successfully penetrated by amateur cyber-criminals using these malicious tools.

Curious as to why these kits are free and downloadable on the Internet? Well, the accepted view is  – “real” cyber-crooks create these free “services” in order to create a market for their pay services – more sophisticated malware creation tools, often customized to the user’s needs.

Regular readers of this Blog are very familiar with the following tips, but they are worth repeating, which offer a substantial level of protection against attacks created by malicious applications that are currently flooding the Internet.

Do not click on unsolicited invitations to download software of any kind.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against questionable or unsafe websites.

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a website designed to download malware onto your computer.

Consider every email, telephone call, or text message requesting confirmation of your personal and financial information as a scam.

Never click on embedded cell phone links.

When contacting your bank; use a telephone number from your statement, a telephone book, or another independent source.

Keep your computer protected. Install a security solution and keep it up-to-date.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.