Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11The same Skype ID malware author used to run IoT Botnet and apply for jobs
True to the biggest failure of all time, a malware developer uses the same Skype address to advertise his IoT botnet and also the Skype ID itself to apply for freelance jobs.
Nicknamed DadyL33T, this developer is the man behind DaddyHackingTeam, the home of an upcoming future botnet. It is still in the development phase, but the website has also contained some of the source code of the leaked malware variants over the past few years.
DaddyL33T will not be a real hacker if he does not have an account on HackForums. This account is registered under DaddyPvP and most of his posts are asking for help or introducing their botnet.
Most people who want to be hackers on HackForums are harmless, but DaddyL33T seems to be skilled, at least enough for his botnet to work.
The person behind the hybrid botnet QBot-Gr1n IoT
Researcher at NewSky Security Ankit Anubhav has tracked DaddyL33T's botnet, apparently the modified version of the QBot botnet. On HackForums, DaddyL33T also asked some questions about QBot.
The same Skype ID malware author used to run IoT Botnet and apply for jobs Picture 1
DaddyL33T asks about QBot on HackForum
The researcher said DaddyL33T's botnet uses a binary file that was used during infection from DaddyHackingTeam. Private chat with DaddyL33T via Skype, Anubhav said DaddyL33T admitted his botnet is trying to infect about 300 devices, a very small number compared to other IoT botnets.
The same Skype ID malware author used to run IoT Botnet and apply for jobs Picture 2
Source code on DaddyHackingTeam
When analyzing the QBot model, Anubhav also found many similarities with the malware Gr1n IoT, also used to create IoT botnet. So it seems that DaddyL33t's botnet is just a copy.
DaddyL33T is a 13-year-old boy
This, he admitted in a private conversation with Anubhav. The lack of malware development experience and OpSec is obvious when Anubhav says he found a job application on the freelance job site, where DaddyL33T uses the same Skype address he used to advertise his botnet. In it, he also said that he is 13 years old, just as he confessed to Anubhv.
The same Skype ID malware author used to run IoT Botnet and apply for jobs Picture 3
DaddyL33T's freelance job application
David PacYou should read it
- The US warned about DealtaCharlie - DDoS botnet malware from Korea
- How many types of malware do you know and how to prevent them?
- Microsoft has just taken down a huge botnet network
- Botnets can change CPU settings to increase mining performance
- WireX DDoS Botnet: tens of thousands of Android phones are hacked
- 10 typical malware types
- Hacker exploited three vulnerabilities in Microsoft Office to spread Zyklon malware
- What is Safe Malware? Why is it so dangerous?
- Can a VPN Fight Malware?
- What is Malware? What kind of attack is Malware?
- The 4 most common ways to spread malware today
- Learn about polymorphic malware and super polymorphism
Maybe you are interested
Microsoft dismantled the ZLoader botnet, naming key members as a deterrent
Notorious botnet TrickBot stopped working, redirected to another form of malicious code that could be more dangerous
Detecting botnets that can easily bypass Windows Defender and steal crypto wallet data
The Gupteba botnet that infected 1 million Windows computers has just been taken down by Google
Botnets can change CPU settings to increase mining performance
Microsoft has just taken down the world's largest botnet
Attack the network
The Linux subsystem on Windows 10 allows malware to hide without being detected- Billions of devices are affected by the new Bluetooth attack
- The attacker can pass SKEL Protection on the macOS High Sierra
- Malicious ads dig virtual money right on the browser
- Ransomware 'Your Windows has been banned' extorting users with a face value of 50 USD Bitcoin
- New bank trojan detection on Android Red Alert
The Linux subsystem on Windows 10 allows malware to hide without being detected
Billions of devices are affected by the new Bluetooth attack
The attacker can pass SKEL Protection on the macOS High Sierra
Malicious ads dig virtual money right on the browser
Ransomware 'Your Windows has been banned' extorting users with a face value of 50 USD Bitcoin
New bank trojan detection on Android Red Alert