ASERT's DDoS Malware Corral, Volume 1 presented at InfoSec SouthWest 2013

by Jason Jones, Dennis Schwarz

Summary: "In the never-ending search for new DDoS malware families, ASERT's malware corral processed over 2 million samples in 2012. In this talk we will share some details on a handful of lesser known bots that we analyzed this past year. We will cover what the bot does to an infected host, its command and control (C&C) communications, and, of course, what the DDoS attack traffic looks like. While names like HOIC, Dirt Jumper, and Brobot are familiar in the infosec media, we will cover new ones such as Cynic, SATBOT, and TarriedRat."