SlideShare uma empresa Scribd logo

Storm Worm & Botnet

Transferir como PPT, PDF
Kendiv
Kendiv

The document discusses the Storm worm, which first emerged in 2007 and uses a peer-to-peer network and rootkit technology to spread and avoid detection. It spreads through email and phishing websites. As it has evolved, Storm can send spam, conduct DDoS attacks, and download files. It uses a decentralized P2P architecture and encrypts traffic between bots using XOR encryption, making it difficult to trace. The rootkit technology allows it to hide processes, files, ports, and services to avoid detection by anti-virus software. Analysis of Storm's P2P network revealed over 5,796 infected hosts communicating within 21 minutes.

Tecnologia
1 de 27
Storm Worm & Botnet Websense, Inc. Jun Zhang Beijing Security Lab. Aug 2008
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction -- What's the Storm Worm ,[object Object]
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction -- What's the Storm Worm ,[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],This figure is the screen snapshort of a storm sending the spam
Storm Worm P2P-based Botnet ,[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Storm Worm P2P-based Botnet ,[object Object]
Storm Worm P2P-based Botnet ,[object Object]
Storm Worm P2P-based Botnet ,[object Object],[object Object]
Storm Worm – Rootkit Technology ,[object Object],[object Object],[object Object],[object Object]
Storm Worm – Rootkit Technology ,[object Object],[object Object]
Storm Worm – Rootkit Technology ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Storm Worm – A Real One ,[object Object],[object Object],[object Object]
Any Questions? The End

Recomendados

M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat
FireEye, Inc.
 
6.1 Antecedentes e Historia (Del Internet)
6.1 Antecedentes e Historia (Del Internet)6.1 Antecedentes e Historia (Del Internet)
6.1 Antecedentes e Historia (Del Internet)
damayki 123
 
Computer virus !!!!!
Computer virus !!!!!Computer virus !!!!!
Computer virus !!!!!
pratikpandya18
 
Computer virus
Computer virusComputer virus
Computer virus
Shubham_Indrawat
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
Amrit Khandelwal
 
Tipos de Ataques Informaticos
Tipos de Ataques InformaticosTipos de Ataques Informaticos
Tipos de Ataques Informaticos
sm2099
 
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentationMacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
OlehLevytskyi1
 
Security Onion - Introduction
Security Onion - IntroductionSecurity Onion - Introduction
Security Onion - Introduction
n|u - The Open Security Community
 

Recomendados

M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat M-Trends® 2010: The Advanced Persistent Threat
M-Trends® 2010: The Advanced Persistent Threat
FireEye, Inc.
 
6.1 Antecedentes e Historia (Del Internet)
6.1 Antecedentes e Historia (Del Internet)6.1 Antecedentes e Historia (Del Internet)
6.1 Antecedentes e Historia (Del Internet)
damayki 123
 
Computer virus !!!!!
Computer virus !!!!!Computer virus !!!!!
Computer virus !!!!!
pratikpandya18
 
Computer virus
Computer virusComputer virus
Computer virus
Shubham_Indrawat
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
Amrit Khandelwal
 
Tipos de Ataques Informaticos
Tipos de Ataques InformaticosTipos de Ataques Informaticos
Tipos de Ataques Informaticos
sm2099
 
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentationMacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
OlehLevytskyi1
 
Security Onion - Introduction
Security Onion - IntroductionSecurity Onion - Introduction
Security Onion - Introduction
n|u - The Open Security Community
 
Computer virus
Computer virusComputer virus
Computer virus
Manjula Pradeep Gunathilake
 
Defending Against the Dark Arts of LOLBINS
Defending Against the Dark Arts of LOLBINS Defending Against the Dark Arts of LOLBINS
Defending Against the Dark Arts of LOLBINS
Brent Muir
 
End-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware FamilyEnd-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware Family
CrowdStrike
 
NMap
NMapNMap
NMap
Pritesh Raka
 
Tipos de antivirus
Tipos de antivirusTipos de antivirus
Tipos de antivirus
gabymuser
 
Palestra Sobre Engenharia Social
Palestra Sobre Engenharia SocialPalestra Sobre Engenharia Social
Palestra Sobre Engenharia Social
Davi Rodrigues
 
Malware
MalwareMalware
Malware
josefrozhi12
 
Computer virus
Computer virusComputer virus
Computer virus
Walden University
 
Malware Analysis Made Simple
Malware Analysis Made SimpleMalware Analysis Made Simple
Malware Analysis Made Simple
Paul Melson
 
Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking
IT Department Akre
 
Honeypots
HoneypotsHoneypots
Honeypots
J. Scott Christianson
 
Malware and Modern Propagation Techniques
Malware and Modern Propagation TechniquesMalware and Modern Propagation Techniques
Malware and Modern Propagation Techniques
Joseph Bugeja
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
Sina Manavi
 
Demo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerDemo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scanner
Ajit Dadresa
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
Setia Juli Irzal Ismail
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network Security
Kirubaburi R
 
Компьютерлік вирустар
Компьютерлік вирустарКомпьютерлік вирустар
Компьютерлік вирустар
Бақытжан Күшібарұлы
 
Security Onion - Brief
Security Onion - BriefSecurity Onion - Brief
Security Onion - Brief
Ashley Deuble
 
Internet segura
Internet seguraInternet segura
Internet segura
Rosa Duarte
 
Ce hv6 module 63 botnets
Ce hv6 module 63 botnetsCe hv6 module 63 botnets
Ce hv6 module 63 botnets
Vi Tính Hoàng Nam
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
UltraUploader
 

Mais conteúdo relacionado

Mais procurados

End-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware FamilyEnd-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware Family
CrowdStrike
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
Sina Manavi
 
Security Onion - Brief
Security Onion - BriefSecurity Onion - Brief
Security Onion - Brief
Ashley Deuble
 

Mais procurados (20)

Computer virus
Computer virusComputer virus
Computer virus
 
Defending Against the Dark Arts of LOLBINS
Defending Against the Dark Arts of LOLBINS Defending Against the Dark Arts of LOLBINS
Defending Against the Dark Arts of LOLBINS
 
End-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware FamilyEnd-to-End Analysis of a Domain Generating Algorithm Malware Family
End-to-End Analysis of a Domain Generating Algorithm Malware Family
 
NMap
NMapNMap
NMap
 
Tipos de antivirus
Tipos de antivirusTipos de antivirus
Tipos de antivirus
 
Palestra Sobre Engenharia Social
Palestra Sobre Engenharia SocialPalestra Sobre Engenharia Social
Palestra Sobre Engenharia Social
 
Malware
MalwareMalware
Malware
 
Computer virus
Computer virusComputer virus
Computer virus
 
Malware Analysis Made Simple
Malware Analysis Made SimpleMalware Analysis Made Simple
Malware Analysis Made Simple
 
Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking Trojan Horse Virus and Hacking
Trojan Horse Virus and Hacking
 
Honeypots
HoneypotsHoneypots
Honeypots
 
Malware and Modern Propagation Techniques
Malware and Modern Propagation TechniquesMalware and Modern Propagation Techniques
Malware and Modern Propagation Techniques
 
Honeypot honeynet
Honeypot honeynetHoneypot honeynet
Honeypot honeynet
 
Demo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scannerDemo of security tool nessus - Network vulnerablity scanner
Demo of security tool nessus - Network vulnerablity scanner
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Digital forensic upload
Digital forensic uploadDigital forensic upload
Digital forensic upload
 
Honeypots for Network Security
Honeypots for Network SecurityHoneypots for Network Security
Honeypots for Network Security
 
Компьютерлік вирустар
Компьютерлік вирустарКомпьютерлік вирустар
Компьютерлік вирустар
 
Security Onion - Brief
Security Onion - BriefSecurity Onion - Brief
Security Onion - Brief
 
Internet segura
Internet seguraInternet segura
Internet segura
 

Semelhante a Storm Worm & Botnet

A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
UltraUploader
 
Guarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social NetworkGuarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social Network
Editor IJCATR
 
A Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior AnalysisA Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior Analysis
idescitation
 

Semelhante a Storm Worm & Botnet (20)

Ce hv6 module 63 botnets
Ce hv6 module 63 botnetsCe hv6 module 63 botnets
Ce hv6 module 63 botnets
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
 
Bots and Botnet
Bots and BotnetBots and Botnet
Bots and Botnet
 
Botnets
BotnetsBotnets
Botnets
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
 
Botnet
BotnetBotnet
Botnet
 
Guarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social NetworkGuarding Against Large-Scale Scrabble In Social Network
Guarding Against Large-Scale Scrabble In Social Network
 
Detecting and Confronting Flash Attacks from IoT Botnets
Detecting and Confronting Flash Attacks from IoT BotnetsDetecting and Confronting Flash Attacks from IoT Botnets
Detecting and Confronting Flash Attacks from IoT Botnets
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about Botnet
 
Botnet detection by Imitation method
Botnet detection by Imitation methodBotnet detection by Imitation method
Botnet detection by Imitation method
 
A Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior AnalysisA Dynamic Botnet Detection Model based on Behavior Analysis
A Dynamic Botnet Detection Model based on Behavior Analysis
 
A Survey Report on DDOS Attacking Tools, Detection and Prevention Mechanisms
A Survey Report on DDOS Attacking Tools, Detection and Prevention MechanismsA Survey Report on DDOS Attacking Tools, Detection and Prevention Mechanisms
A Survey Report on DDOS Attacking Tools, Detection and Prevention Mechanisms
 
Firewalls
FirewallsFirewalls
Firewalls
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1
 
introduction to Botnet
introduction to Botnetintroduction to Botnet
introduction to Botnet
 
Defending Against Botnets
Defending Against BotnetsDefending Against Botnets
Defending Against Botnets
 
Botnet
BotnetBotnet
Botnet
 
Bot net detection by using ssl encryption
Bot net detection by using ssl encryptionBot net detection by using ssl encryption
Bot net detection by using ssl encryption
 
Botnets
BotnetsBotnets
Botnets
 

Último

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Último (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

Storm Worm & Botnet

  • 1. Storm Worm & Botnet Websense, Inc. Jun Zhang Beijing Security Lab. Aug 2008
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.

Notas do Editor

  1. User- mode APC (Asynchronous Procedure Call).