DorkBot is another modified IrcBot that is extremely similar to NgrBot, which is why many antivirus software treat them the same way, oftentimes using the same detection. Our botnet monitoring system has even captured NgrBot and DorkBot at almost the same time. However, according to a deeper analysis of both NgrBot and DorkBot, we find that they should be treated differently. In this blog post, we will discuss the similarities and differences of these two botnets. Version Number The hardcoded version number of DorkBot that we received is the... [Read More]
by RSS He Xu  |  Aug 12, 2014  |  Filed in: Security Research
You have one new notification! Most people don't think twice about a message from a friend on instant messenger, a link to a funny video from a work colleague, or a USB drive with the latest family album. Most of us also assume the next best cat meme isn't going to offload our banking passwords to a remote server, hijack our system for DoS attacks, or hide all the files on our desktop. Unfortunately, Dorkbot does all of these things. Fortinet's threat research division, FortiGuard Labs reported a 0.98% increase in activity from Dorkbot just... [Read More]
by RSS Michael Perna  |  Jul 09, 2014  |  Filed in: Industry Trends