- Jan 24, 2011
- 9,379
G Data is reporting that a functional botnet builder, called Aldi Bot, is available on underground forums for just €10. The Aldi Bot appears to be based on the ZeuS source code.
Demo : “Aldi Bot” DDoS attack against the website of the German Federal Police (www.bka.de).
G-DATA said:Botnets on discount!
Creating a botnet has become insanely easy and cheap
We’ve encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called “Aldi Bot” first appeared in late August and has been sold for the initial price of €10! Parts of the bot’s code oddly look like ZeuS code…
The malware author, the name used makes us suspect it is a male author, announces his bot creation in the underground and explains that he likes coding and is not keen on making a lot of money. That would be the reason for the low price, he says. Accepted payment methods: paysafecard (with receipt) and Ukash. “I cannot guarantee that the stub you get is always FUD”, he says. This means that there is no guarantee for buyers that the program code remains undetected by AV products. And he is quite right – AV products are able to detect the bot.
The offer: 1 x Builder + stub + updates + installation assistance = €10 ***
This price even dropped down to €5, less than two weeks ago.
The main functions of “Aldi Bot” v1.0 are:
- Possibility to carry out DDoS attacks
- SOCKS; bot owner can use victim’s pc as proxy
- Firefox password stealer; stealing passwords saved in Firefox database
- Remote execution of any file
An update to v2.0 added the following functions to the ones already in use:
- Pidgin password stealer; stealing passwords from the instant messenger Pidgin
- jDownloader password stealer; stealing passwords from a downloader of one-click hoster
The author prides himself with a video, hosted on Youtube, which apparently shows an “Aldi Bot” DDoS attack against the website of the German Federal Police (www.bka.de).
Chat logs, posted by the malware author, reveal that he actually really provides personal assistance for the installation and implementation of the bots, even to malware rookies, so-called noobs, who do not have the slightest idea of how to work with the malicious tools! He even uses TeamViewer to make his customers happy and ready to attack.
And this is where we bring it to the core: Having malware on the market for such a low price, the “Aldi Bot” price has temporary gone down to €5, will draw virtually anybody to the dark side – either for fun or for profit. Script Kiddies can buy this bot with their pocket money, including all updates and support, as the author announces it! And even though the “Aldi Bot” is not for sale any more, we expect more malware like this to pop up and to supply the market.
via G-Data
Demo : “Aldi Bot” DDoS attack against the website of the German Federal Police (www.bka.de).
Last edited: