CERBER Ransomware Hidden C2 Servers Traffic and Malware Analysis

Cerber ransomware has been one of the most prolific crimeware botnets to have arisen; it is currently generating an estimated $2.5 million a year and rising. Once infected, your content is encrypted and held for ransom, as the name implies. You will see an image popup with instructions on how to reclaim your data …

*FOR RESEARCH* I Built a 50gbs+/sec DDoS Net using just GOOGLE Without Hacking Anything

********RESEARCH ONLY – DO NOT TRY ANYTHING I AM ABOUT TO DO AS YOU WILL MOST LIKELY END UP IN JAIL. I DO NOT ENDORSE NOR CONDONE DoS ATTACKS OR HACKING WEBSERVERS YOU DO NOT HAVE PERMISSION TO DO SO – HOWEVER IF THEY ARE AGAINST IRAN OR NORTH KOREA I WOULD LOOK THE OTHER WAY – I IN NO WAY TAKE RESPONSIBILITY FOR ANYTHING ILLEGAL YOU ARE ABLE TO DO WITH THIS INFORMATION *******

So, basically, I did some research on DoS webshells and quickly found some popular ones such as phpDOS, Grenshell and a few other less popular ones labeled *PRIVATE* *NOT FOR RELEASE*, which obviously didn’t turn out well. Additionally, kiddies are arrogant and lazy, so I wanted to do searches for file names that ended with or included “ddos, dos, attack, stresser, packet, etc.” in *.php|.asp|.jsp|.cfm. But why stop there? I also wanted to include in-text strings such as “Start the attack”, “Flood victim”, “DoS Victim”, “Victim IP”, etc. So, armed with some information, it was time to see if I could build a botnet: using a custom python script and multiple TOR nodes through a VPN, I could link all hacked shells and launch a single DDoS at any target I desired. So, just to prove my point, here are a few screen shots. I was able to locate 178 available bots, and judging by uplinks combined they should deliver well over 50gbs/sec – maybe more. This took me less than 4 hours to build a botnet and be able to control it without hacking a thing. The internet is broken; kiddies can repeat the same type of actions and take down large networks with ease.

[Screenshot gallery: Capture shell]

Category: DoS,DDoS,DrDoS
