Not just a one-trick PonyDOS

Jeff Edwards, March 8, 2012 | No Comments

Reversing the crypto used by the PonyDOS attack bot

This blog post is the third installment in our ongoing series of articles exploring the crypto systems commonly found in various DDoS malware families. In previous articles we covered the reversing of the Armageddon and Khan DDoS bots; today we will cover a new malware family [...]


Reversing the Wrath of Khan

Jeff Edwards, March 7, 2012 | 3 Comments

Analysis of the crypto used by the Trojan.Khan DDoS bot

A recent blog post described our analysis of the crypto algorithm used by the Armageddon DDoS malware. This article continues our ongoing series on reversing the crypto mechanisms used by contemporary DDoS botnets; our guest of honor today will be a bot we have been [...]


It’s 2012 and Armageddon has arrived

Jeff Edwards, March 6, 2012 | 6 Comments

Breaking Armageddon’s latest and greatest crypto reveals some interesting new functionality

Armageddon is one of several notable Russian malware families that are designed exclusively for DDoS attacks; it has been on our radar screens for some time now. Its primary competitors within the market of Russian DDoS vendors are Dirt Jumper (a.k.a. RussKill), Darkness/Optima (a.k.a. Votwup), [...]
