Reverse Engineering Zbot Botnet


RedTeam Security is working with a client to dig deep into the Zbot botnet in an effort to combat its effect on the client's organization. Zbot is not easy to detect. With permission from our client, we will share as much research information as possible.

Zbot/Zeus is an extremely effective bot builder kit designed and developed to be sold in underground markets as a "cybercrime kit," enabling criminals to easily build identity-theft-related spyware that evades many security solutions. The botnet authors have been known to do custom work as well, all for a price, of course. The bots produced by the kit were in turn called "Ntos" and "Zbot" by major software security vendors.

Because one gang of bot distributors has been so determined and successful at distributing the malware to high-value targets over the past couple of years, an individual Zbot botnet currently made up of a reported 74,000 Zbot-infected systems is being renamed the "Kneber Botnet," based on the username this Zbot variant uses.

As previously stated, this is a widespread problem and we will share as much research information here as possible.

Keep on patching...




DISCLAIMER
    The content, tools, methodologies and proof of concept code contained in these articles are in no way intended to be used for malicious intent. This information is to be used for educational purposes only. RedTeam Security does not condone the malicious use nor does it warranty the use of any of the content contained herein.

