DorkBot is another modified IrcBot that is extremely similar to NgrBot, which is why many antivirus software treat them the same way, oftentimes using the same detection. Our botnet monitoring system has even captured NgrBot and DorkBot at almost the same time. However, according to a deeper analysis of both NgrBot and DorkBot, we find that they should be treated differently. In this blog post, we will discuss the similarities and differences of these two botnets. Version Number The hardcoded version number of DorkBot that we received is the... [Read More]
by RSS He Xu  |  Aug 12, 2014  |  Filed in: Security Research
In 1974 a 13-year old boy named David Dennis discovered that he could lock up a PLATO terminal by making an external request when no external device was present. This prompted David, a student at University High school in Champaign Illinois, to write a program that could send the request to multiple PLATO terminals at once. He first launched the program on a nearby university computer lab, forcing 31 frustrated students to restart their PLATO terminals. The Denial of Service attack was born. In early 2000s the attacks used to be spoofed. Over... [Read More]
by RSS Michael Perna  |  Feb 05, 2014  |  Filed in: Security 101