Tag: zombie

AI, Programming, Security, Tech

Wanted: A Real Boy!

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

When are these guys coming? A new script just dropped and they’re missing it.
Photo by Louis Gys, please support by following @pexel.com

Have no fear, the bots are here and this time they weren’t sent from the future. It has been a well-known fact by now in every industry that we have advanced technology to the point where any task if not all the tasks we deem to be boring and must be done many times over gets put onto our hardware brain companions.

If you don’t have time or feel like trying to figure out which email is spam, a spam filter is created. If you don’t feel like searching through hundreds of documents to find a particular one, a finder was created.

And if you want to repeatedly send emails to a random list of people, you can use a bot for that and other malicious intent as well.

We’re going to be filtering out what kind of attack this is, who is using it, what are the effects upon release, and what are some ways you can protect yourself from being on the spamming list.

Set it and forget it? Real cooks do no such thing.
Photo by cottonbro studio, please support by following @pexel.com

The Attack

So, what kind of service would you make use of spam to hundreds of people while you have it on “Set it and forget it” mode? Look no further than TrueBot. Don’t let the name fool you, there’s nothing true about this bot.

Truebot is a botnet being used to send out hundreds upon hundreds of emails in hopes of tricking victims into interacting with malicious links. You don’t know what a botnet is? Don’t worry, we have you covered on that.

A botnet is a network of slave computers infected with malware operating under the control of the threat actor or actors. A good way to picture this is to imagine a dog walker walking with a group of well-trained dogs, since the walker has control of the dogs when the walker finds a target, they can then choose to release the hounds.

You have one more time to silence me human, that finger will go bye.
Photo by Anna Shvets, please support by following @pexel.com

Who Can It Be Now

You may be wondering which group of people is releasing the hounds and if this is the first time. The only group that has been ID for using such a tactic is the group called Silence also known as Whisper Spider.

Silence has been operating since mid-2016 and has spread its activities over 25 countries worldwide and has had confirmed damage raking up to, if not more than 800,000 USD. They are thought to be Russian based on clues such as words typed on an English keyboard layout for issuing commands and using Russian-language web hosting services.

Silence has been responsible for targeting Russian banks and other financial institutions which leads to the thought that they may not have a code of ethics. If you’re willing to attack your home turf, then that means no one is off the menu… these guys may not be Russian after all.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Man: I think we can get in through the back door!
Woman: I FORGOT TO TURN OFF THE STOVE!!
Photo by Meruyert Gonuliu, please support by following @pexel.com

The Sinking Feeling

Aside from rushing through the backdoor, how do these guys get in is what you may be asking. Silence and other threat actors gain a foothold by exploiting a vulnerability, where in which the installation of TrueBot begins.

After breaching the network another installation takes place which installs the FlawedGrace RAT (Remote Access Trojan), this dirty RAT stores encrypted payloads within the registry.

The FlawedGrace RAT establishes a connection with the Command and Control (C2) server as well as load dynamic link libraries (DLL) to escalate privileges for further malicious intent.

Just understand that once the backdoor is opened, it leaves it wedged and poses no threat while all the information is being collected for the threat actor.

I’m your well configured firewall…what’s up.
Photo by Ron Lach, please support by following @pexel.com

The Prevention

At this junction, it’s clear that you’re interested in keeping your back door closed and having it stay closed. A few ways you could do this is by making sure you stir clear of clicking on links from questionable contacts.

If it’s someone you may know who sent you the link, cross-check with them on other media to verify. Keeping your system, anti-virus, and yourself up to date will help greatly in catching any funny business being had.

Keeping yourself up to date is most important since humans are the most hackable. We’ve been around for years and still fall for the same old tricks.  

I think I’ll read a few more scripts. They help put my mind at ease.
Photo by Rachel Claire, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on TrueBot? Script a comment below.