Lavasoft Security Bulletin - March 2014: Bot Review

Bot Review

Table: Bots under analysis (March 2014, Lavasoft MAS).

Bot's name Feb 2014 March 2014 Changes
Zbot 197 65 -52.6%
Cycbot 41 29 -4.8%
Kelihos 146 66 -31.9%
NrgBot/Dorkbot 233 74 -63.3%
Blazebot/Rbot 15 13 -0.8%
Shiz 3 4 0.4%
Total 620 635

Bot distribution in March:


You can find the latest description on Kelihos here.

Cycbot. You can find the latest description on Cycbot here.

Shiz. The latest example is here.

Zbot. We counted 65 backdoors this month; 27 of them install Tor client to communicate with C&C.
According to the latest analysis on Zbot we revealed two new features: download files encryption and the installation of notifiers in kernel to control system events, such as: loading executable images into a memory and modification of registry keys and values on both 32-bit and 64-bit operating systems. You can read more in the detailed report on Zeus.

NrgBot/Dorkbot. You can find the latest description on NrgBot here.

Blazebot/Rbot. The latest description is available in Malware Encyclopedia.

Read also:
Lavasoft Security Bulletin - March 2014: Top Threats.

Zeus Backdoor Adopts Extra Rootkit Abilities.

  • Back to articles

  • Share this post:    Twitter Facebook

    Our best antivirus yet!

    Fresh new look. Faster scanning. Better protection.

    Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

    For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

    Download adaware antivirus 12
    No thanks, continue to
    close x

    Discover the new adaware antivirus 12

    Our best antivirus yet

    Download Now