Ddos Pbot v2.0

Malware updated 15 days ago (2024-11-29T14:04:43.686Z)
Download STIX
Preview STIX
On March 22, 2023, mismanaged Linux SSH servers were targeted by a novel attack campaign involving the distribution of three new strains of the ShellBot DDoS bot malware, including PowerBots GohacK, LiGhT's Modded perlbot v2, and DDoS PBot v2.0, as reported by The Hacker News. These attacks were especially concerning due to their potential to exploit vulnerabilities in these servers. DDoS PBot v2.0, a type of malware, is one of these strains that infiltrates systems through suspicious downloads, emails, or websites, often without user knowledge, with the intent to steal personal information, disrupt operations, or hold data hostage for ransom. Researchers have categorized the ShellBot into three different groups, given that threat actors can create their own versions: LiGhT’s Modded perlbot v2, DDoS PBot v2.0, and PowerBots (C) GohacK. Both LiGhT’s Modded perlbot v2 and DDoS PBot v2.0 support multiple DDoS attack commands using HTTP, TCP, and UDP protocols. This versatility increases the potency of the attacks, allowing them to exploit a wider range of vulnerabilities in target systems. DDoS PBot v2.0 and Modded perlbot v2 are particularly dangerous as they offer commands to facilitate distributed denial-of-service attacks, which can overwhelm servers and disrupt services. On the other hand, PowerBots, which has capabilities more akin to a backdoor, could facilitate reverse shell access and arbitrary file uploading, according to a report from the AhnLab Security Emergency Response Center. This means that PowerBots could potentially give attackers control over infected systems, further exacerbating the risk posed by these malware variants.
Description last updated: 2024-03-05T20:46:19.441Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Shellbot Malware is associated with Ddos Pbot v2.0. ShellBot is a malicious software (malware) variant that has been actively targeting poorly managed Linux SSH servers. As reported by Hacker News and HackRead in March 2023, this Perl-based DDoS bot deploys different variants to exploit these servers. ShellBot, along with another DDoS malware called Unspecified
2
The Modded Perlbot V2 Malware is associated with Ddos Pbot v2.0. Modded Perlbot v2 is a new strain of the ShellBot DDoS bot malware that has been identified as part of an attack campaign targeting mismanaged Linux SSH servers. This campaign, which began on March 22, 2023, involves the distribution of three distinct strains of the ShellBot malware: PowerBots GohacUnspecified
2
Source Document References
Information about the Ddos Pbot v2.0 Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more