Category: Botnets

Kardon Loader Looks for Beta Testers

Kardon Loader Advertisement

Key Findings ASERT researchers discovered Kardon Loader being advertised on underground forums. Kardon Loader features functionality allowing customers to open their own botshop, which grants the purchaser the ability to rebuild the bot and sell access to others. Kardon Loader is in early stages of […]

Read more

The ARC of Satori

Authors: Pete Arzamendi, Matt Bing, and Kirk Soluk. Satori, the heir-apparent to the infamous IOT malware Mirai, was discovered by researchers in December 2017. The word “satori” means “enlightenment” or “understanding” in Japanese, but the evolution of the Satori malware has brought anything but clarity. […]

Read more

SnatchLoader Reloaded

Executive Summary SnatchLoader is a “downloader” malware—a type of malware that specializes in distributing (or loading) other malware onto infected computers. We first started seeing it in the wild around January 2017, but after a few months it went dormant. Recently, development of the malware […]

Read more

The Flusihoc Dynasty, A Long Standing DDoS Botnet

Since 2015, ASERT has observed and followed a DDoS Botnet named Flusihoc. To date very little has been published about this family, despite numerous anti-virus and intrusion detection signatures created by various vendors. Flusihoc has remained persistent with multiple variants, over 500 unique samples in […]

Read more

LockPoS Joins the Flock

While revisiting a Flokibot campaign that was targeting point of sale (PoS) systems in Brazil earlier this year, we discovered something interesting. One of the command and control (C2) servers that had been dormant for quite some time had suddenly woken up and started distributing […]

Read more

Pivoting off Hidden Cobra Indicators

On June 13th 2017, US-CERT issued a joint Technical Alert (TA17-164A) entitled Hidden Cobra – North Korea’s DDoS Botnet Infrastructure. The alert, which was the result of analytic efforts between the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), included a list […]

Read more