Analysis of Skunkx DDoS Bot

Wednesday, March 16, 2011

This post summarizes an analysis of the Skunkx DDoS bot.

The bot’s capabilities include:
  • Perform DDoS attacks: UDP floods, SYN floods, HTTP floods, and Slowloris attacks
  • Detect some analyst tools (CommView, TCPView, and Wireshark) and platforms (QEMU, VMware, VirtualPC)
  • Spread over USB, MSN, Yahoo Messenger
  • “Visit” sites, speedtest
  • Download and install, update, and remove arbitrary software
  • Detect and stop DDoSer, Blackshades, Metus and IRC bots on the box; it apparently can speak “DDoSer” too
  • Spread as a torrent file
  • Steal logins stored in the SQLite DB by Mozilla

The full analysis by Jose can be found at Arbor.

