Botnet Analytics Blog

Blogging the Science of Botnet Analysis

About
BotnetAnalytics.com is a botnet research portal that is purely intended for analyzing, sharing ideas, views and results. This portal would be releasing in the near future. Until then, this blog would be discussing on the status of BotnetAnalytics.com and the steps we are taking to build it, to become a complete site. You are most welcome to contact us, comment of existing stuff which includes both good and bad, volunteer for projects that exist or something new. Feel free to contact us at any point of time @ contact.fingers ({at}) gmail.com.

Botnet Monitor

February 20th, 2010

When looking for Botnet Monitors, we found the following that sounded really interesting:

Infiltrator v0.1

Security

— Posted by zeroq @ 17:19 – 15 Nov, 2007

For those of you interested in little helpful tools, i uploaded my infiltrator script for quick and dirty botnet monitoring. There is no documentation available right now but usually a questionmark in front of a command gives some hints (e.g. ? show all).

Have fun: infiltrator.tar.gz

Source: http://zeroq.kulando.de/post/2007/11/15/infiltrator_v01#comments

Rishi Botnet Detection

Rishi is a botnet detection software, capable of detecting hosts infected with IRC based bots by passively monitoring network traffic. A webinterface provides additional information to found incidents.

Source: http://sourceforge.net/projects/rishi/

Both the tools listed above was created by Jan Goebel. Just thought of sharing it with our users. Thank you for choosing our blog!

Posted in Uncategorized

EvilFingers Blog
- State of the art in CRiMEPACK Exploit Pack May 27, 2010
  CRiMEPACK exploit pack is a widespread and accepted in the crime scene in this area came under the slogan “Highest Lowest rates for the price“. He is currently In-the-Wild 3.0 version is being developed as alpha (the first of this version). That’s, is in the middle stage of evaluation, perhaps in the […]
- BlackHat SEO Campaign for the thirtieth anniversary of PAC-MAN May 24, 2010
  Recently, the legendary video game PAC-MAN has completed 30 years of existence and Google has launched a campaign in his honor by placing a banner that allows even play. However, Google not only benefits from this but also cyber-criminals, who saw in this campaign a new opportunity to attack and have launched […]
- Announcement: New Media Partner – CONFidence April 25, 2010
  We are happy to announce our partnership with CONFidence, one of the leading conferences in the InfoSec community. They are conducting their 7th Conference next month. Check it out at: http://2010.confidence.org.pl/ We encourage all our users to attend CONFidence, and if you do please do contact us to receive 10% discount on the conference registration. Read […]
- SPAM looks so real March 17, 2010
  Just received an email for Wordpress blog of a comment to our Botnet Analytics Blog post, that looks so real: To: contact.fingers@gmail.com Subject: [Botnet Analytics Blog] Please moderate: “Commercializing Botnets” X-PHP-Script: botnet.kaffenews.com/wp-comments-post.php for xxxxxxx Date: Wed, 17 Mar 2010 10:01:00 -0400 From: xxxxxx Message-ID: X-Priority: 3 […]
- IRS Scam Campaign on proposal by Zeus February 20, 2010
  In the last hours has launched a new campaign as an excuse ZeuS a scam using the IRS (Internal Revenue Service) by which propagates its trojan. ZeuS trojan variant in this case has the MD5 14FBCE4A3F67E46B18308AC6824B2A00 under the name tax-statement.exe, whose detection rate is high. In addition, the person entering this page, in a transparent manner will […]

Archive
Calendar
September 2010

M T W T F S S

« Aug

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29 30
Blogroll
Rootkit Analytics
- Update on Next Version of SpyDLLRemover August 16, 2010
  Here is the brief update on upcoming release of SpyDLLRemover. Most of the major work highlighted in our previous blog post has been completed and only some final art work is left out. Below is the fresh glimpse of new banner which is going to replace old one. Just being the old, other reason for change […]
- Releasing Soon: New Version of SpyDLLRemover August 2, 2010
  We are vigorously working on next major version of SpyDLLRemover which will bring out the best changes that our users have been looking for since the beginning. We have received lot of feedbacks directly as well as through various forums mentioning about improvements in SpyDLLRemover. One of the most asked enhancement was the ‘Re-sizable Window feature’ [... […]
- Rootkit Analytics – The New Look June 28, 2010
  Rootkit Analytics has the new look and feel and not just that, we are now working on more stuff that would make it user friendly. We aren’t going to list each minute tweak, but there is a lot more to come. Hence, we would complete it all and keep you posted on any major update. […]
- StreamArmor – New Tool to Scan & Sweep Malicious Streams March 27, 2010
  StreamArmor (previously HiddenADSExplorer) is the sophisticated tool for discovering hidden alternate data streams (ADS) as well as clean them completely from the system. It’s advanced auto analysis coupled with online threat verification mechanism makes it the best tool available in the market for eradicating the evil streams. It comes with fast multi threa […]
- Now Post Your Rootkit Queries on SpywareAnalytics Forum March 23, 2010
  Spyware Analytics Forum, the division of EvilFingers empire is released to public now. The main aim of this forum is to provide an interface for home & enterprise users to interact with security professionals. Most users do not really get a chance to directly interact with professionals who can really solve their issues. Spyware Analytics is […]
Meta
Tags