About Botnet

What is botnet ?

?

Creating and using botnets is illegal activity, the information in this article if for learning only, anything that may happens from reading this is not in the responsible on the author nor the site owner

A botnet is a group of computers that control by hacker, each computer may refer as a zombie, due to the fact that it does not do anything till the management tell him to do, a computer can become a zombie by installing an application that was design to gain control to its master. It does not mean that the user is the one that install the software.

The software, that we can refer it as a backdoor, due to the fact that it has an open entrance into the victim computer for remote control, may be installed on the computer using a legit software, that was infected with trojan.

 

How can I be infected?

 

There are some ways that a computer may be infected with a backdoor, and then be part of a botnet, as mention above one of the option may be downloading an infected software that contain some kind of Trojan attached to it, that when running also installing the backdoor into the computer, this was something that was very common among P2P networks, but not only there, emails, malicious websites, viruses and hackers can also use tactics to install backdoors.

 

After all viruses are design to try and spread themselves over networks using several methods, one of the method, that the virus can use, is by searching known vulnerabilities in software/services or in networks, using that the virus is able to spot the problematic service and try to inject itself using this vulnerability to the next victim computer, installing itself into the computer without user knowledge, and sit and wait till the command arrives.

 

How this vulnerability stuff works?

This is a brief scenario of how software vulnerability turns to be an asset in the hand of a hacker or attacker.

 

Hackers and other security related researches all over the world try to find vulnerability in software, each one with its own reason, some can do it for money, some for fun, some for illegal activities and others as part of their day job.

 

Let’s think about it, what if you know how to turn vulnerability into kind of online weapon that you can use to hack into servers, till there be something that can defense against it you have a lot of optional victim that you can hack to.

 

Ok, here is an example of such scenario:

Assuming X is an application that is widely used among home users (like web browser).

1. You manage to find that there is a bug in application X (think about the error message that you got when software crush ?? The application done an illegal operation and have to be close ?? that type of message).
2. The crush also create a memory dump file that can be read by experts, in this dump file, you can find, for example, what is the memory address that the crash accord in and some more use full information that can be used to understand what was the Z thing that make this application crush.
3. Using this information it is possible, well not always but?, to create a replica in code that can be used to crush the application again and again.
4. When the application crush, it also tells you to where it passes the control to, another memory location, this information can be used to know where to inject a small jump call in that memory address.
5. The small jump call will point to another memory location in your code that will contain a function with instructions what to do next.
6. The function, in our example, will save and run a small tool that will open a reverse command line (DOS shell) to your computer.
7. We are in!

 

So let’s summarize it with some technical words:

• The bug (crush) is the software vulnerability.
• The small tool that uses this vulnerability can be referring as the Exploit.
• The small tool that opens the reverse command shell is the ShellCode.

 

And here you have it your own tool that can crush application X and open you a direct command shell to this computer.

 

Be sure that although I type it here on some steps it is not that easy, and you need to have a lot of knowledge in order to create a full functional tool that can be used to crush applications, also if it works it will only effect on the exact version of application X on the exact operation system that it was test on, and there are other limitation for such a tool, but I do hope that you got the picture.

 

What can botnet be use for?

?

One of the first think that it can be use it to compute a full botnet attack against targets, it can be done on the same time, a botnet is like an army of computer that waiting to your command, if you install a DDoS tool on all the zombie computers that under your control, you can use them to take down web site, or at least make it harder to users to use the site.

 

You can use it to steal data from users, like any activity that the user do can be record and send back to the controller for feather investigation, what if the zombie collect account passwords to important web sites, like banks, your social media sites and so on. Only that information alone can be problematic if spread free on the web.

 

The botnet is like a play yard, it is like a hacker land to do whatever he want, ?you can read more on some known botnets on the web in sites that are related to computer, security and theology. There are some nice stories about big botnet that does a lot of damage before cough.

 

Few words on DDoS:

?

DDoS is Distributed Denied of Service and it is a form of attack that is use to denied a service from working, think about it like this, there is a site that you need to login to it so you will be able to do some activities, a bank for example, what if 1 million people will try to do the log in on the same second, will it manage to handle all the million on the same time, or will it crash and the access to the service will be denied, so there are tool that design to use method to computer a Denied of Service (DOS) Attack, and if it use in a botnet as we know botnet have many computers that it can use, and the computer can be distributed all over the global, so now we have Distributed Denied of Service (DDoS).

The post About Botnet appeared first on Secure Hunter Anti-Malware.

http://ift.tt/1WFsop2
Secure Hunter

Secure Hunter Indiegogo Campaign

SECURE HUNTER SECURITY SUITE ANDROID APP

 

 
Secure Hunter launching this campaign called Secure Hunter Security Suite Application.
http://ift.tt/1SKf7Wv;
We developed a new way of securing your mobile device in order to keep your online activity secure. We think it will help people in need of a solution for the rising amount of online hacking and identity theft.

 
Secure Hunter Indiegogo Campaign
 

The post Secure Hunter Indiegogo Campaign appeared first on Secure Hunter Anti-Malware.

http://ift.tt/1TNBO14
Secure Hunter

Computer Encryption Services Used To Protect Confidential Data

The data should be protected and privacy has to be maintained. The data backup and the computer encryption are very critical and also beneficial. The data need not be given to the encrypted instead the data can be copied to the data archives. The data encryption is hard to maintain and also implement. The cost of encryption is more. So many organizations avoid doing it. The credit card security and also security towards the social security numbers needs the encryption. The data has to be accessed by authorized personnel only. The data should reach the destination as it is sent and should not get modified by illegal sources. To reach these limits the encryption is very necessary.

 

If the reputation of the organization has to be preserved and the brand will retain its respect then encryption services have to be implemented. The data breach will cost much money than the implementation of the encryption to the website. All small and the big business have to implement encryption services to avoid any theft of the data. The confidential data which is stored in the computer or the laptops should not get into wrong hands. The computer may give up but the website should not give up this is the main intention of the encryption services.

 

If the encryption is done by the encryption services then the professional services will be in your hand and a secured data management also. All the types of issues of the network can be solved by these services. The organization should be able to explain the needs of the encryption to get the best. The encryption services should be able to guide the company in assistance to use the services fully with confidence. Now almost everything can be stored into the computer. Whether it is the music, video, photos or any other thing, all this has to be protected. If it is company information then it has to be safer.

If there are any malfunctions or any virus attacks then the work may stop causing a lot of loss. This will be fully avoided by encrypting the data of the company. This is nothing but the back up services for all the data stored. A reputed company encrypted services has to be hired for best services. The files spreadsheets, MP3 files, photos, documents can be backed up so that if they are lost we can have it back.

 

Many companies, banks, organizations, shops can have this backup or the encryption services. This will get the secured, reliable and an advanced back up facility to you system. We have to investigate a little to get he services in affordable prices. The confidential and sensitive issues of the company are recorded in the computers. These matters should not be exposed or robbed by some wrong hands. So the data is encrypted in the encryption archive to make it more confidential. Though the encryption service is reliable the company can always use the archives to put the most confidential files into it.

The post Computer Encryption Services Used To Protect Confidential Data appeared first on Secure Hunter Anti-Malware.

http://ift.tt/1NaXgpR
Secure Hunter