Dorkbot is a family of malware worms that spreads through instant messaging, USB drives, websites or social media channels like Facebook. It originated in 2015 and infected systems were variously used to send spam, participate in DDoS attacks, or harvest users' credentials.[1]
Dorkbot’s backdoor functionality allows a remote attacker to exploit infected systems. According to an analysis by Microsoft and Check Point Research, a remote attacker may be able to:[2][3]
A system infected with Dorkbot may be used to send spam, participate in DDoS attacks, or harvest users' credentials for online services, including banking services.[2]
Between May and December 2015, the Microsoft Malware Protection Center detected Dorkbot on an average of 100,000 infected machines each month.[4]
On December 7, 2015, the FBI and Microsoft in a joint task force took down the Dorkbot Botnet.[5]
In 2015, the U.S. Department of Homeland Security advised the following action to remediate Dorkbot infections:[2]
Original source: https://en.wikipedia.org/wiki/Dorkbot (malware).
Read more |