

Dirt Jumper DDoS bot family has over 300 varieties

12 April 2012

The Dirt Jumper distributed denial of service (DDoS) bot family has evolved into over 300 varieties of bot packages, explained Curt Wilson of Arbor Networks.

Dirt Jumper, a newer version of the commercial crimeware Russkill kit, has been used to attack numerous websites, particularly in Russia.

Malware related to Dirt Jumper includes Simple, September, Khan, Pandora, and the Di BoTNet, Wilson explained in a blog.

The binaries and back-end PHP scripts for Dirt Jumper have been leaked several times. “This makes it easy for someone to make slight modifications to the PHP or Delphi binary code and attempt to re-sell the bot, use the bot for their own purposes, or start making money with their own commercial DDoS service”, Wilson explained.

“It can be difficult to determine if a site has been attacked by Dirt Jumper or one of its variants, and if so, which one. Therefore we will refer to all of the bots profiled here as well as any future bots as the Dirt Jumper family”, he said.

“Development will continue, and there are increasing trends towards the development of attack techniques that will bypass certain types of anti-DDoS protection measures. The underground economy continues to flourish, and DDoS services are a piece of that rotten pie”, Wilson concluded.
