E-book, English, 168 pages
Dunham / Melnick Malicious Bots
Publication year 2008
ISBN: 978-1-4200-6906-8
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM
An Inside Look into the Cyber-Criminal Underground of the Internet
Originally designed as neutral entities, computerized bots are increasingly being used maliciously by online criminals in mass spamming events, fraud, extortion, identity theft, and software theft. Malicious Bots: An Inside Look into the Cyber-Criminal Underground of the Internet explores the rise of dangerous bots and exposes the nefarious methods of “botmasters”. This valuable resource assists information security managers in understanding the scope, sophistication, and criminal uses of bots.
With sufficient technical detail to empower IT professionals, this volume provides in-depth coverage of the top bot attacks against financial and government networks over the last several years. The book presents exclusive details of the operation of the notorious Thr34t Krew, one of the most malicious bot herder groups in recent history. Largely unidentified by anti-virus companies, their bots spread globally for months, launching massive distributed denial of service (DDoS) attacks and warez (stolen software distributions). For the first time, this story is publicly revealed, showing how the botherders got arrested, along with details on other bots in the world today. Unique descriptions of the criminal marketplace – how criminals make money off of your computer – are also a focus of this exclusive book!
With unprecedented detail, the book goes on to explain step-by-step how a hacker launches a botnet attack, providing specifics that only those entrenched in the cyber-crime investigation world could possibly offer.
Authors Ken Dunham and Jim Melnick serve on the front line of critical cyber-attacks and countermeasures as experts in the deployment of geopolitical and technical bots. Their work involves advising upper-level government officials and executives who control some of the largest networks in the world. By examining the methods of Internet predators, information security managers will be better able to proactively protect their own networks from such attacks.
Target audience
Information security and auditing professionals
Further information & material
Introduction to Bots
Thr34t Security Krew and the TK Worm
The Investigation of the Thr34t Krew - Lance Mueller
First DYNDNS Account (BestIce)
Second DYNDNS Account (Phreeze)
Third DYNDNS Account (d00m)
Seth Fogie
Help with Technical Details
A Trip Across the Pond
Sitexec
DiSice
XaNith
Sitexec
Second Search Warrant Sweep
Jadaka
Mr40
Thr34t Krew Investigation Concluding Comments
Demonstration: How a Hacker Launches a Botnet Attack
Step 1: Find, Modify, and Build a Bot
Step 2: Customize the Binary for Attack
Step 3: Launch the Attack
Step 4: Managing the Botherd
Step 5: Payloads, with an Emphasis on “Pay”
Introduction to the Use of Botnets in Criminal Activity
Timeline
Bots: A Pathway to Criminalization of the Information Age
Bots: The Integrated Business Solution for Criminals
“Botmasters” Who Were Caught
International Botnet Task Force Conferences
Operation “Bot Roast” I and II
How Big Do Botnets Need to Be to Pose a Serious Threat?
Peering Inside the IRC Botnet
Post-IRC-Based Bots
Botnet Attack Statistics
Botnet Features and the Criminal Enterprise
A Modular Approach to Botnets: A Major Aid to Criminals
Granular Spreading Capabilities
A “Service Bot”
The Degradation Feature of Botnets and Its Impact on Criminal Activity
Changes in the Management of Botherds
Botherds through the Eyes of a Criminal Mind
Criminal Vectors Utilizing Bots
Theft of Sensitive Information
DDoS Attacks and Extortion
Bot for Rent or Hire
Spam
Spam Bots and Criminalization
Pump-and-Dump Fraud
Covert Communications
Click Fraud and Affiliate Abuse
Adware Abuse
Taking Out the Competition
Botnets and the eCrime Cycle: The iSIGHT Partners’ Approach
Technical Introduction to Bots
Common Ports
Command and Control Strategies
IRC C&C
Peer-to-Peer C&C
Web-Based C&C
Use of Encryption or Obfuscation
Types of Distributed Denial of Service (DDoS) Attacks
Introduction to Selected Bots
Mitigation
Glossary
Bibliography