The Latest in IT Security

Lulzsec’s Brazil DDOS Attack Code

24 Jun 2011

We recently received a sample of the bot client that the hacker group Lulzsec Brazil used to conduct DDoS attacks against Brazilian websites. The affected sites included those of both the Brazilian government and the President. This attack is not the first of its kind from the group: the main LulzSec hacking group reportedly attacked other sites, including the UK Serious Organized Crime Agency, the US Senate, and Sony.

Lulzsec is one of two hacking groups making news lately, the other being Anonymous. The two groups recently declared war against governments, banks, and corporations all over the globe, accusing those organizations of corruption. They also called upon other hackers to join their cause, calling it Operation Anti-Security.

The bot client, which we now detect as BKDR_ZOMBIE.SM, connects to a certain IRC server and joins a specific IRC channel to receive commands.

The bot client can execute the following commands, with these effects:

  • attack – Performs Denial of Service (DoS) attacks against target sites/IPs
  • stop – Stops the DoS attack
  • stopall – Stops the DoS attack and terminates the bot
  • status – Displays the status of the current attack being performed by the bot
  • update – Updates the bot’s status information
  • info – Displays information about the affected system

The info command displays the following information about the affected system:

  • IP Address
  • Machine Name
  • Domain
  • User name
  • Operating System
  • Working Set
  • Common Language Runtime (CLR) Version
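For defenders, the IRC channel and command verbs described above suggest a simple network-side heuristic. The sketch below is an added example, not code from the original post or from the analysed sample. It assumes the verb arrives as the first word of a channel message (the post does not give the wire syntax), and the record format, function names, threshold and sample traffic are all constructed for illustration.

```python
import re
from collections import defaultdict

# Command verbs listed in the write-up above.
BOT_COMMANDS = {"attack", "stop", "stopall", "status", "update", "info"}

# RFC 1459 line: optional ":prefix", command, middle params, optional ":trailing".
IRC_LINE = re.compile(
    r"^(?::(?P<prefix>\S+) )?(?P<cmd>[A-Za-z]+|\d{3})"
    r"(?P<params>(?: [^:\s]\S*)*)(?: :(?P<trailing>.*))?$"
)

def parse_irc(line):
    """Split one raw IRC line into its parts; return None if it is not IRC."""
    m = IRC_LINE.match(line.rstrip("\r\n"))
    if not m:
        return None
    return {"cmd": m["cmd"].upper(), "params": m["params"].split(),
            "trailing": m["trailing"] or ""}

def suspicious_hosts(records, min_distinct=2):
    """records: (internal_ip, 'out'|'in', raw_line) tuples in capture order.
    Returns {(ip, channel): [verbs]} for channels the host joined and that then
    delivered at least min_distinct different bot verbs as the first word."""
    joined = defaultdict(set)  # ip -> channels the host itself joined
    seen = defaultdict(set)    # (ip, channel) -> bot verbs received there
    for ip, direction, raw in records:
        msg = parse_irc(raw)
        if msg is None:
            continue
        target = (msg["params"] or [msg["trailing"]])[0].lower()
        if direction == "out" and msg["cmd"] == "JOIN":
            joined[ip].add(target)
        elif direction == "in" and msg["cmd"] == "PRIVMSG" and target in joined[ip]:
            words = msg["trailing"].split()
            if words and words[0].lower() in BOT_COMMANDS:
                seen[(ip, target)].add(words[0].lower())
    # One matching word is ordinary chat; several distinct verbs is a pattern.
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_distinct}

# Constructed sample traffic (not taken from the analysed malware).
SAMPLE = [
    ("10.0.0.5", "out", "JOIN #chan-a"),
    ("10.0.0.5", "in", ":op!u@irc.example.test PRIVMSG #chan-a :info"),
    ("10.0.0.5", "in", ":op!u@irc.example.test PRIVMSG #chan-a :attack www.example.test"),
    ("10.0.0.5", "in", ":op!u@irc.example.test PRIVMSG #chan-a :stop"),
    ("10.0.0.9", "out", "JOIN :#linux"),
    ("10.0.0.9", "in", ":al!a@irc.example.test PRIVMSG #linux :stop top-posting please"),
]
```

On the sample, only 10.0.0.5 is reported; the single "stop" seen by 10.0.0.9 in ordinary chat stays below the threshold.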

It is not yet certain if the same malware was used for the other attacks conducted by Lulzsec. Nonetheless, this malware poses a significant threat, as it affects not only the users whose systems are infected, but also the victims of the DDoS attacks that the infected systems are used to carry out.

We will continue to monitor this and make sure that users are provided with protection.
