Botnet based on Baby Cologne already earns hackers 2,000 2,000 a month

The newborn baby Cragan botnet has spread like wildfire over the past few months, adding more infosteelers and backdoor. On all Windows systems and Windows servers.

There is a new one Botnet Based on Golang, still in development, with the strength to disguise its youth, it is called Kraken: it uses the “SmokeLoader **” malware loader to spread like wildfire and is already bringing $ 2,000 a month to its operators, researchers say. Although its name may seem familiar, Cracken has nothing to do with the 2008 botnet of the same name.

Using “SmokeLoader *” to install more malware on targeted computers, Gragan detects hundreds of new bots each time the new command and control (C2) server is used.

Initially, at the end of December 2021, we saw the hitherto unknown botnet, which is still active, which is the end of December 2021. Although it is still in development, it already has the ability to retrieve sensitive data from hosts. WindowsIt can download and run secondary payloads, execute shell commands, and take screen shots of the victim’s computer.

Simple, but many broad.

C2 was named the “Cragan Panel”. It still seemed to be lacking in features. It provided basic statistics, links for downloading payloads, the option to download new payloads, and a way to interact with a limited number of bots.

However, the current version of Craigslist C2 panel (see below) has been completely redesigned and renamed Anubis. The Anubis team provides more information to pirates than the original Cragan panel. It is now possible to view command history and affected information.

Enter the cryptocurrency

Crawling tinkered, added and deleted Kraken’s teaching skills. At this point, the crocodile can maintain perseverance and gather information about the host. In addition, it downloads and executes files, executes shell commands, takes screen shots and steals various cryptocurrency wallets including Zcash, Armory, Atomic, Bytecoin, Electrum, Ethereum, Exodus, Guarda and Jaxx Liberty.

With a very clear direction

Here are our suggestions on how to prevent crocodiles from eating into your system:

1. Make sure the antivirus and infiltration detection software is up-to-date with all links and rule packages,
2. Enable two-factor authentication for all corporate accounts to mitigate attacks Fishing And Certificate Filling,
3. Maintain routine scheduled backup procedures, including offsite storage and integrity testing,
4. Avoid opening unsolicited links and do not click on suspicious links.
5. Record and monitor all administrative activities as much as possible. Warning of any suspicious activity,
6. Examine network logs for possible signs of compromise and data leakage.

Webmaster-Alsace is planning an cyber security awareness campaign for small businesses. To date, this is the only way to control malicious activity without turning your computer into a malicious robot.

* The “Smokeloader” family is a common backdoor with many monumental features. Malware is distributed in a variety of ways and is widely associated with crime.