Their warnings were deliberately crafted to closely resemble interfaces of legitimate AV or anti-malware software, further increasing the likelihood that users who see them will fall for the ploy.
Their social engineering tactic normally involve displaying fictitious security scan results, threat notices, and other deceptive tactics in an effort to manipulate users into purchasing fake security software or licenses in order to remove potential threats that have supposedly infected their systems.
Rogue scanners, also known as fake scanners, fake AV, or rogueware, are pieces of code injected into legitimate sites or housed in fake sites. This explains why there has been a significant increase of this threat all around the world. Bootstrapping own C&C and becoming a botnet owner does not require any advanced technical skills. Nowadays, botnet builders are commonly sold on the black market. From then on, botnets started turning into serious criminal tools. At that time, IRC-based communication with bots lost its popularity for HTTP based channels.Ģ006 brought on the scene the infamous ZeuS, from which derivatives are still alive. The spamming capabilities of botnets caught interest of cybercriminals and soon new dedicated malware started to appear, like Beagle or Bobax. It was specialized in data stealing, but also performed spam attacks on popular instant messengers. The next step was made in 2003 by SpyBot. It was back-dooring infected systems, blocking popular antivirus software and downloading payloads for next stages of attacks. Its modular structure was something innovative for the time.
The evolution of botnets was boosted in 2002 by the release of SDBot source code (writen in C++). In 2000 a mIRC-based bot appeared called GTbot (Global Threat bot) that was used to perform DDoS attacks. The first malicious programs that introduced the concept of master-slave relationship between an infected computer and a command server were Sub7 and PettyPark which derived from Remote Administration Tools, like the popular NetBus.Īt that time, the popular way of sending commands to botnet agents were IRC channels.