The same Skype ID malware author used to run IoT Botnet and apply for jobs
True to the biggest failure of all time, a malware developer uses the same Skype address to advertise his IoT botnet and also the Skype ID itself to apply for freelance jobs.
True to the biggest failure of all time, a malware developer uses the same Skype address to advertise his IoT botnet and also the Skype ID itself to apply for freelance jobs.
Nicknamed DadyL33T, this developer is the man behind DaddyHackingTeam, the home of an upcoming future botnet. It is still in the development phase, but the website has also contained some of the source code of the leaked malware variants over the past few years.
DaddyL33T will not be a real hacker if he does not have an account on HackForums. This account is registered under DaddyPvP and most of his posts are asking for help or introducing their botnet.
Most people who want to be hackers on HackForums are harmless, but DaddyL33T seems to be skilled, at least enough for his botnet to work.
The person behind the hybrid botnet QBot-Gr1n IoT
Researcher at NewSky Security Ankit Anubhav has tracked DaddyL33T's botnet, apparently the modified version of the QBot botnet. On HackForums, DaddyL33T also asked some questions about QBot.
DaddyL33T asks about QBot on HackForum
The researcher said DaddyL33T's botnet uses a binary file that was used during infection from DaddyHackingTeam. Private chat with DaddyL33T via Skype, Anubhav said DaddyL33T admitted his botnet is trying to infect about 300 devices, a very small number compared to other IoT botnets.
Source code on DaddyHackingTeam
When analyzing the QBot model, Anubhav also found many similarities with the malware Gr1n IoT, also used to create IoT botnet. So it seems that DaddyL33t's botnet is just a copy.
DaddyL33T is a 13-year-old boy
This, he admitted in a private conversation with Anubhav. The lack of malware development experience and OpSec is obvious when Anubhav says he found a job application on the freelance job site, where DaddyL33T uses the same Skype address he used to advertise his botnet. In it, he also said that he is 13 years old, just as he confessed to Anubhv.
DaddyL33T's freelance job application
You should read it
- The US warned about DealtaCharlie - DDoS botnet malware from Korea
- How many types of malware do you know and how to prevent them?
- Microsoft has just taken down a huge botnet network
- Botnets can change CPU settings to increase mining performance
- WireX DDoS Botnet: tens of thousands of Android phones are hacked
- 10 typical malware types
- Hacker exploited three vulnerabilities in Microsoft Office to spread Zyklon malware
- What is Safe Malware? Why is it so dangerous?
- Can a VPN Fight Malware?
- What is Malware? What kind of attack is Malware?
- The 4 most common ways to spread malware today
- Learn about polymorphic malware and super polymorphism
Maybe you are interested
What is PetitPotam Attack? How to overcome PetitPotam attack The Microsoft MSERT tool can find web shells related to the Exchange Server attack campaign Many encrypted SSDs can be decoded without a password Wsreset tool of Windows 10 Store was used by hackers to bypass anti-virus software The CredSSP vulnerability in the RDP protocol affects all versions of Windows Detects two serious vulnerabilities on uTorrent that can help hackers execute malicious code or view download history on your computer