Future of Botnets 2021?
#1
Do you think it will worth it to run a botnet in 2021?
With all this AI movement, Even to run a simple XMR miner with a CP will be hard. All the AV companies are navigating towards AI.
Reply
#2
Just because AV companies are on their way to proper analysis doesn't mean they're there yet.

It's ridiculously easy to write malicious software that doesn't get detected from static analysis. For dynamic evasion, you need a bit of creativity and might need to make your own implementations of certain OS API functions (i.e. the cheat/hack community often uses their own implementations of/find alternative ways to call OpenProcess(), VirtualQueryEx() and VirtualProtectEx() because those functions are frequently hooked/monitored by anticheat solutions. You likely don't care about these functions though if you're writing a keylogger.)

But it's definitely not impossible, and if you're semi-competent at programming, you can easily write yourself a client/server to accomplish your tasks.
Reply
#3
I'll be sure to keep that in mind when I need one. Certain bots are complicated, depends on what tasks you need. Have you actually made one before or just theorizing?
Reply
#4
(01-05-2021, 07:31 PM)Majin-Buu Wrote: I'll be sure to keep that in mind when I need one. Certain bots are complicated, depends on what tasks you need. Have you actually made one before or just theorizing?

Not specifically botnets in the sense of managing thousands of clients, but I have written a couple tools for remote access.
Seriously, make a 10 line binary that spawns an interactive shell and pipes input from a socket, or calls wget to download another binary that it then executes. If you're feeling spicy, XOR the string with the URL or commands, then strip the symbol table during compilation. With smaller files it's much easier.
Reply
#5
How about Click bots? - traffic bot pro v2 for example.

That click bot bypasses sophisticated click protection software such as clickcease.

https://www.clickcease.com/


The click through ratio of about 6.5/10 with traffic bot pro v2. I can't even find one which can perform better.

I wonder if google will make it more difficult. I know someone a few years ago who was getting 9/10 ratio.
Reply
#6
(01-06-2021, 08:42 AM)Majin-Buu Wrote: How about Click bots?  - traffic bot pro v2 for example.

That click bot bypasses sophisticated click protection software such as clickcease.

https://www.clickcease.com/


The click through ratio of about 6.5/10 with traffic bot pro v2. I can't even find one which can perform better.

I wonder if google will make it more difficult. I know someone a few years ago who was getting 9/10 ratio.

Personally written? No.
If you were adding it to your botnet clients or something, then your binary size would probably be a lot bigger to accommodate for everything that makes clicks look human. Not impossible, like you said people can achieve decent ratios, but it'll definitely involve a lot more on your end for programming and reverse-engineering what gets clickbots detected.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Need discuss questions about modern HVNC-2021 Alexnavalniy 0 3,750 02-05-2021, 06:14 AM
Last Post: Alexnavalniy
  The theory of building large p2p botnets Insider 8 9,719 01-28-2021, 04:19 PM
Last Post: Vector