Your SlideShare is downloading. ×
0
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Fear, Uncertainty and Doubt
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Fear, Uncertainty and Doubt

655

Published on

Presentation given in collaboration with Laurent Schmid (electric-haze.org) at the Espace Jules Verne of the Maison D\'ailleurs, Yverdon, Switzerland.

Presentation given in collaboration with Laurent Schmid (electric-haze.org) at the Espace Jules Verne of the Maison D\'ailleurs, Yverdon, Switzerland.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
655
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. FUD FEAR, UNCERTAINTY AND DOUBT Dark Designs Symposium Yverdon - October 14 2008
  • 2. BOT • derived from the word "robot" • program that performs repetitive functions • infected computer controlled by another computer
  • 3. BOTNET • a network of bots • commonly used to control or attack computer systems • controlled through an IRC channel. • also referred to as “zombies” or “drones”
  • 4. USE OF BOTNETS • distributing spam • mounting DDoS attacks • sniffing network traffic • key logging • click fraud (Google AdWords)
  • 5. IRC • Internet Relay Chat • created in 1988 • first bots : 1993 • client / server
  • 6. HISTORY • 1999: SETI@home • screensaver program • prove the viability and practicality of the 'distributed grid computing' concept
  • 7. SETI@home
  • 8. February 2000 • first widely publicized botnet incident • floods CNN.com, Amazon.com, eBay... • 75 computers in 52 different networks
  • 9. SubSeven Discovered: June 6, 1999 also known as: Backdoor.SubSeven (Kaspersky Lab), Backdoor.SubSeven22 (Symantec), BackDoor.SubSeven (Doctor Web), Troj/Sub7-1.7 (Sophos), Backdoor:Win32/SubSeven.A (RAV)...
  • 10. SubSeven
  • 11. SubSeven • server / client • control over IRC • monitor keystrokes • remote desktop application
  • 12. SubSeven
  • 13. SubSeven
  • 14. SubSeven • october 2000 • 800 infected computers found • SexxxyMovie.mpeg.exe
  • 15. GTbot • modified IRC client • coupled with the hackers own scripts • port scanning • DDoS attacks
  • 16. DDoS • Distributed Denial of Service Attack • attacker causes a network of computers to “flood” a victim computer with large amounts of data or specific commands
  • 17. GTbot
  • 18. GTbot
  • 19. DDoS
  • 20. Agobot • most widely circulated virus in history • best-written source code • C++ base plugin framework • GPL license
  • 21. Op.Cyberslam • October 2003 • Agobot used in DDoS attack • Botnet: 5000 to 15000 computers • FBI investigation
  • 22. Op.Cyberslam
  • 23. Op.Cyberslam
  • 24. October 2005 • Discovery of a botnet counting 1.5 million compromised computers
  • 25. January 2007 • The Storm Botnet is identified. • Estimate: from 600 million computers on the Internet, 150 million belong to a botnet (Vint Cerf).
  • 26. STORM BOTNET • 1 million to 50 million computer systems • encrypted P2P control • more computing power than the world’s 500 top supercomputers
  • 27. Russian Business Network
  • 28. RBN • cybercrime organization • personal identity theft • bulletproof hosting • child pornography, phishing, spam, and malware distribution • physically based in St. Petersburg
  • 29. Companies RBNet, TcS Network, RBNetwork, Nevcon Ltd. RBusinessNetwork, (Panama), iFrame Cash, Too coin Software Aki Mon Telecom, (UK), 4Stat, 76service, Eexhost, MalwareAlarm... Rusouvenirs Ltd.,
  • 30. Malware Gozi, Grab, Haxdoor, Metaphisher, Mpack, Ordergun, Pinch, Rustock, Snatch, Torpig, URsnif... • viruses or worms • send data back to RBN servers
  • 31. October 2007 • Storm Botnet reduces size • fallen to 160,000 systems • partitioning / smaller networks • 40-byte key encryption
  • 32. November 2007 • RBN vanishes from the web • unusual bulk registries of thousands of Web addresses in China • servers move to Shangai/Taiwan
  • 33. KRAKEN BOTNET • largest botnet as of april 08 • over 400’000 bots • also known as: Bobax, Oderoor, Cotmonger

×