Botnets on discount!

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
G Data is reporting that a functional botnet builder, called Aldi Bot, is available on underground forums for just €10. The Aldi Bot appears to be based on the ZeuS source code.

G-DATA said:
Botnets on discount!

Creating a botnet has become insanely easy and cheap

We’ve encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called “Aldi Bot” first appeared in late August and has been sold for the initial price of €10! Parts of the bot’s code oddly look like ZeuS code…

The malware author, the name used makes us suspect it is a male author, announces his bot creation in the underground and explains that he likes coding and is not keen on making a lot of money. That would be the reason for the low price, he says. Accepted payment methods: paysafecard (with receipt) and Ukash. “I cannot guarantee that the stub you get is always FUD”, he says. This means that there is no guarantee for buyers that the program code remains undetected by AV products. And he is quite right – AV products are able to detect the bot.

The offer: 1 x Builder + stub + updates + installation assistance = €10 ***
This price even dropped down to €5, less than two weeks ago.

The main functions of “Aldi Bot” v1.0 are:

  • Possibility to carry out DDoS attacks
  • SOCKS; bot owner can use victim’s pc as proxy
  • Firefox password stealer; stealing passwords saved in Firefox database
  • Remote execution of any file

An update to v2.0 added the following functions to the ones already in use:

  • Pidgin password stealer; stealing passwords from the instant messenger Pidgin
  • jDownloader password stealer; stealing passwords from a downloader of one-click hoster

RTEmagicC_AldiBot_Builder.PNG.PNG


The author prides himself with a video, hosted on Youtube, which apparently shows an “Aldi Bot” DDoS attack against the website of the German Federal Police (www.bka.de).

Chat logs, posted by the malware author, reveal that he actually really provides personal assistance for the installation and implementation of the bots, even to malware rookies, so-called noobs, who do not have the slightest idea of how to work with the malicious tools! He even uses TeamViewer to make his customers happy and ready to attack.

And this is where we bring it to the core: Having malware on the market for such a low price, the “Aldi Bot” price has temporary gone down to €5, will draw virtually anybody to the dark side – either for fun or for profit. Script Kiddies can buy this bot with their pocket money, including all updates and support, as the author announces it! And even though the “Aldi Bot” is not for sale any more, we expect more malware like this to pop up and to supply the market.

via G-Data

Demo : “Aldi Bot” DDoS attack against the website of the German Federal Police (www.bka.de).
 
Last edited:
D

Deleted member 178

5euros is very cheap for be able to do lot of damage...as i repeated many times, most of the "famous hacker groups" are just inexperienced idiots with good tools...
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Seems its like on demand botnets tools so the price was really down.

Well I'm using pidgin in Linux and aware that it has a password written in a text. So its better for some alternative messengers especially when using Windows.
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Interesting to see I might grab myself one considering how cheap they are.

Jack said:
He even uses TeamViewer to make his customers happy and ready to attack.

How can I go wrong!

Cheers for the notice. /sarcasm on
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top