New Opt-In Botnets use the power of web 2.0 applications
The new "opt in botnets" are surfacing from malicious web 2.0 applications (like Facebook or Twitter). As the Damballa white paper reflects, these are highly sophisticated military grade malware attacks.
New Opt-In Botnets
QUOTE: What’s more devastating than a DDoS attack launched by a botnet? In some cases, that’s the DDoS attack launched by the “opt-in botnet” aggregated through a crowdsourcing campaign. Damballa’s recently released report “The Opt-in Botnet Generation: Social Networks, Cyber Attacks, Hacktivism and Centrally-Controlled Protesting” describes the increasing sophistication of cyber-protesting tools, for launching political protests around the globe.
What exactly is an opt-in botnet? What are some of the most notable cases where it has been successfully used? How can you disrupt an opt-in botnet given that the command and control server is in the hands of every user knowingly participating in it?
Damballa’s report describes “opt-in botnets” as:
“In practically all criminal botnet cases in the past, the owners or users of the bot-infected computers have been unwitting participants in an attack. This aspect of botnet participation fundamentally changes in the context of cyber-protesting, since users intentionally install botnet software agents, subscribe to a particular CnC, and choose to participate in coordinated attacks against a target category. Whether it’s because of a vagueness in the understanding of laws governing cyber attacks and electronic denial of service, or a perception of only being a small cog in a much wider effort that will never result in them being singled out, there seems to be few inhibitors to taking protesting into the cyber world and taking an active role in the call to action.”
Just like real botnets, opt-in botnets need a command and control server from where to issue new commands, and accept status reports on the success/failure of the DDoS attack. What’s particularly interesting about opt-in botnets is their reliance on popular social networks such as Facebook, or micro-blogging services like Twitter, both acting as the command and control center for scheduling the attack, and distributing the attack tools.
White Paper: The Opt-in Botnet Generation
The last few years have shown a steady increase in the sophistication of the tools and tactics the disaffected use online. Social networking applications, Web 2.0 technologies and the general availability of what can best be described as “military grade” cyber attack tools make it a trivial task for protestors to launch crippling attacks from anywhere around the world. Topics covered in this white paper:
■ Hacktivism: Past and Present
■ A Protester's Tool chest: Tools and Techniques Used
■ The Social Networking Element
■ The Opt-In Botnet