Friday, December 10, 2010
New "Darkness" Botnet as Ominous as It Sounds
Security researchers are in a tizzy over a new botnet they’re calling “Darkness,” or if you want the full name, “Destination Darkness Outlaw System” (D.D.O.S.), ComputerWorld reports.
Here’s the sales pitch — for just $50, Darkness operators promise their clients they’ll be able to flummox large sites with an army of just 1,000 bots, and security experts don’t doubt that claim.
“Upon testing, it was observed that the throughput of the attack traffic directed simultaneously at multiple sites was quite impressive,” said the Shadowserver Foundation. “As with BlackEnergy, ‘Darkness’ is easy to purchase, easy to deploy, and is very effective and efficient in what it does.”
Darkness botnet operators advertise a laundry list of devious features, including the ability to choose and pick several URLs for each site, the ability to overwhelm an average site with just 30 bots, it can run as a Windows service, the inclusion of both an English and Russian GUI, and much more.
“It now appears that ‘Darkness’ is overtaking BlackEnergy as the DDoS bot of choice,” Shadowserver Foundation notes. “There also appear to be no shortage of buyers looking to add ‘Darkness’ to their botnet arsenal.”