Monday, May 16, 2022

Slowloris DDoS tool Contained Zeus Trojan

During the attack on the US Department of Justice, music label UMG, and, in retaliation to the shutdown of many anons used a tool that where being distributed that launched a Slowloris attack on any selected target.

Without anyone’s knowledge an unknown individual backdoored the tool with a Zeus Trojan.   Zeus is most commonalty known for  stealing paypal information, credit and numerous other virtual banking methods.

Each time Slowloris was downloaded and ran on the 20th of January, a Zeus client was also installed onto the system. The Zeus client then stealthily downloaded a “clean” variant of the Slowloris tool to substitute the modified copy in an effort to hide its existence on the tainted PC. Meanwhile, the Zeus trojan did what it’s most known for: logging  passwords and cookies, as well as banking and webmail credentials, and sending them off to a command-and-control server.

Symantec has said that the modified version of Slowloris was widely downloaded.

“This Anonymous DoS tool on PasteBin has become quite popular among the Anonymous movement with more than 26,000 views and 400 tweets referring to the post,” noted Symantec’s official blog.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …