DDoS Malware Became Very Popular This Past January
March 10, 2016
Shah Sheikh (1294 articles)

DDoS Malware Became Very Popular This Past January

During the first month of the year, malware destined to aid hacking crews and bored script kiddies carry out DDoS attacks was very popular, as cyber-security firm Check Point is reporting.

During the past year, DDoS attacks have reached an all-time high, often peaking at over 500 Gbps, an unimaginable limit a few years back.

With more and more people realizing they could easily rent a botnet online for a few bucks and take revenge against their former employer, DDoS has become a very lucrative business in the past year.

DDoSing is now a profitable business

A recent case study from Arbor Networks showed that a crook renting out his DDoS botnet can make on average $66 per attack and around $54 per day.

Additionally, other hackers use botnets of infected computers to launch coordinated attacks against larger companies and extort them for cash in a blackmail scheme known as DDoS-for-Bitcoin.

As such, with so many recently discovered avenues for monetizing DDoS attacks, it is to no surprise that starting with the last month of 2015, Check Point researchers began seeing a surge in malware that has DDoSing capabilities.

The trend that started last December has helped propel one such malware family to January’s top three most “successful” malware families.

Top 3 malware families for January 2016

According to Check Point, during January 2016, the most encountered malware family was Conficker, which accounted for 24% of all malware infections. This malware has been around from the XP days, but the good news is that it’s detected by most antivirus engines, and isn’t really that feature-packed, most infections probably coming from older, unpatched systems.

Second on the list is Sality, which is a malware dropper, that only focuses on getting persistence on infected systems, and then downloading other more dangerous threats.

Third on the list is a new entry, which is the Dorkbot botnet, a double-edged malware that can steal passwords from your PC, but it can also transform your computer into a bot in a DDoS network.

Dorkbot’s rise to January’s Top 3 is incredible and surprising, taking into account that at the start of December, law enforcement together with ESET and Microsoft were announcing that they managed to shut down its main command and control servers.

This comes to show that there’s a gap that needs to be filled in the underground cybercrime market, where there’s an obvious demand for such tools and services.

Source | SoftPedia