1498:
55:. The botnet itself consists of roughly 15,000 infected computers as of May, 2008, although the size of the botnet itself is highly variable as the controllers of the botnet have been known to deliberately shrink (and later regrow) their botnet to prevent more aggressive countermeasures from the IT Community.
77:
usually attacks in waves – the goal of each wave is to infect as many websites as possible, thus achieving the highest possible spread rate. Once a wave is completed the botnet lay dormant for an extended amount of time, likely to prevent aggressive counterreactions from the security community. The
78:
initial wave took place in July, 2008, which infected an estimated 1,000 – 2,000 pages. An additional wave took place in
October 2009, infecting an unknown number of websites. Another wave took place in June 2010, increasing the estimated total number of infected
90:
While the infection targets of the Asprox botnet are randomly determined through Google searches, some high-profile websites have been infected in the past. Some of these infections have received individual coverage.
428:
43:. It is a highly infectious malware which spreads through an email or through a clone website. It can be used to trace any kind of personal or financial information and activities online.
271:
453:
397:
772:
376:
963:
798:
893:
432:
297:
1364:
851:
1563:
1539:
325:
351:
51:
Since its discovery in 2008 the Asprox botnet has been involved in multiple high-profile attacks on various websites in order to spread
765:
975:
903:
495:
275:
457:
1235:
1074:
188:
404:
803:
793:
758:
202:
867:
58:
The botnet propagates itself in a somewhat unusual way, as it actively searches and infects vulnerable websites running
372:
1558:
1532:
990:
970:
1166:
1240:
1000:
739:
249:
1307:
1266:
1015:
301:
1578:
1333:
1328:
919:
898:
1525:
1323:
1297:
1038:
533:
488:
1359:
872:
734:
160:
62:. Once it finds a potential target the botnet performs a SQL injection on the website, inserting an
1064:
220:
59:
1130:
835:
724:
1156:
1151:
1568:
1188:
1146:
1048:
958:
888:
714:
673:
140:
1509:
347:
1573:
1043:
924:
729:
694:
481:
980:
1447:
1109:
1089:
1069:
1059:
608:
598:
543:
1473:
1416:
1380:
1176:
995:
699:
678:
668:
623:
613:
578:
548:
79:
1552:
1219:
1084:
1010:
704:
638:
603:
593:
588:
558:
104:
36:
326:"Asprox Botnet Mass Attack Hits Governmental, Healthcare, and Top Business Websites"
1411:
1182:
1099:
1094:
945:
709:
643:
618:
563:
228:
168:
63:
1421:
1385:
1282:
1104:
1033:
953:
568:
98:
1390:
1005:
930:
829:
429:"Sony PlayStation's site SQL injected, redirecting to rogue security software"
135:
130:
1463:
1442:
663:
553:
221:"Botnet sics zombie soldiers on gimpy websites; More SQL injection insanity"
1497:
1468:
1395:
1354:
1302:
1214:
1114:
985:
633:
583:
538:
32:
348:"Asprox botnet causing serious concern - V3.co.uk - formerly vnunet.com"
1505:
1287:
1199:
750:
719:
573:
125:
67:
52:
40:
1338:
1079:
1025:
653:
628:
504:
120:
74:
1292:
1245:
658:
648:
523:
250:"Botnets – Asprox Botnet Attacks Come Back – eWeek Security Watch"
1250:
95:
754:
477:
518:
66:
which redirects the user visiting the site to a site hosting
272:"ASCII Encoded/Binary String Automated SQL Injection Attack"
110:
Several government, healthcare and business related websites
398:"Papers | SpiderLabs | About Us | Trustwave"
373:"Researchers: Asprox Botnet Is Resurging – botnets/Attacks"
23:
botnet (discovered around 2008), also known by its aliases
473:
454:"Adobe's Serious Magic site SQL Injected by Asprox botnet"
82:
from 2,000 to an estimated 10,000 – 13,000 within a day.
1513:
189:"Asprox botnet, a long-running nuisance, disappears"
1456:
1430:
1404:
1373:
1347:
1316:
1275:
1259:
1228:
1207:
1198:
1165:
1139:
1123:
1024:
944:
912:
881:
860:
844:
822:
815:
687:
511:
214:
212:
320:
318:
1533:
766:
489:
403:. M86security.com. 2008-10-29. Archived from
8:
161:"ASProx botnet dials into Conficker domains"
1540:
1526:
1204:
819:
773:
759:
751:
496:
482:
474:
852:Sony BMG copy protection rootkit scandal
151:
7:
1494:
1492:
296:Sue Marquette Poremba (2008-05-15).
431:. ZDNet. 2008-07-02. Archived from
1512:. You can help Knowledge (XXG) by
14:
379:from the original on 19 July 2010
31:, is a botnet mostly involved in
1496:
354:from the original on 1 July 2010
300:. SC Magazine US. Archived from
328:. CyberInsecure.com. 2008-07-18
86:Notable high-profile infections
1564:Distributed computing projects
298:"Asprox botnet malware morphs"
274:. bloombit.com. Archived from
1:
375:. DarkReading. 15 July 2010.
248:Hines, Matthew (2009-10-06).
1183:Kaminsky DNS cache poisoning
927:(findings published in 2010)
270:Michael Zino (2008-05-01).
159:Leyden, John (2009-02-03).
1595:
1491:
219:Goodin, Dan (2008-05-14).
786:
252:. Securitywatch.eweek.com
39:into websites to spread
904:US military cyberattack
894:Cyberattacks on Georgia
868:Cyberattacks on Estonia
456:. ZDNet. Archived from
1508:-related article is a
899:Sarah Palin email hack
1039:Jeanson James Ancheta
107:Serious Magic website
873:Operation: Bot Roast
781:Hacking in the 2000s
735:Operation: Bot Roast
203:"Re: Elaborate Scam"
60:Active Server Pages
836:Operation Firewall
725:Man-in-the-browser
225:.theregister.co.uk
165:.theregister.co.uk
1559:Internet security
1521:
1520:
1486:
1485:
1482:
1481:
964:associated events
940:
939:
889:Project Chanology
810:
809:
748:
747:
715:Internet security
435:on 12 August 2010
141:Internet security
1586:
1542:
1535:
1528:
1500:
1493:
1205:
1056:str0ke (milw0rm)
925:Operation Aurora
820:
789:
788:
775:
768:
761:
752:
730:Network security
695:Browser security
498:
491:
484:
475:
469:
468:
466:
465:
460:on 5 August 2010
450:
444:
443:
441:
440:
425:
419:
418:
416:
415:
409:
402:
394:
388:
387:
385:
384:
369:
363:
362:
360:
359:
343:
337:
336:
334:
333:
322:
313:
312:
310:
309:
293:
287:
286:
284:
283:
267:
261:
260:
258:
257:
245:
239:
238:
236:
235:
216:
207:
206:
199:
193:
192:
185:
179:
178:
176:
175:
156:
16:Computer malware
1594:
1593:
1589:
1588:
1587:
1585:
1584:
1583:
1549:
1548:
1547:
1546:
1489:
1487:
1478:
1452:
1426:
1400:
1369:
1343:
1312:
1271:
1255:
1236:Anna Kournikova
1224:
1194:
1169:
1167:Vulnerabilities
1161:
1135:
1119:
1110:Dmitry Sklyarov
1090:Albert Gonzalez
1020:
936:
908:
877:
856:
840:
811:
782:
779:
749:
744:
683:
512:Notable botnets
507:
502:
472:
463:
461:
452:
451:
447:
438:
436:
427:
426:
422:
413:
411:
407:
400:
396:
395:
391:
382:
380:
371:
370:
366:
357:
355:
345:
344:
340:
331:
329:
324:
323:
316:
307:
305:
295:
294:
290:
281:
279:
269:
268:
264:
255:
253:
247:
246:
242:
233:
231:
218:
217:
210:
201:
200:
196:
187:
186:
182:
173:
171:
158:
157:
153:
149:
117:
88:
49:
35:and performing
17:
12:
11:
5:
1592:
1590:
1582:
1581:
1576:
1571:
1566:
1561:
1551:
1550:
1545:
1544:
1537:
1530:
1522:
1519:
1518:
1501:
1484:
1483:
1480:
1479:
1477:
1476:
1471:
1466:
1460:
1458:
1454:
1453:
1451:
1450:
1445:
1440:
1434:
1432:
1428:
1427:
1425:
1424:
1422:Black Energy 1
1419:
1414:
1408:
1406:
1402:
1401:
1399:
1398:
1393:
1388:
1383:
1377:
1375:
1371:
1370:
1368:
1367:
1362:
1357:
1351:
1349:
1345:
1344:
1342:
1341:
1336:
1331:
1326:
1320:
1318:
1314:
1313:
1311:
1310:
1305:
1300:
1295:
1290:
1285:
1279:
1277:
1273:
1272:
1270:
1269:
1263:
1261:
1257:
1256:
1254:
1253:
1248:
1243:
1238:
1232:
1230:
1226:
1225:
1223:
1222:
1217:
1211:
1209:
1202:
1196:
1195:
1193:
1192:
1186:
1180:
1177:Shatter attack
1173:
1171:
1163:
1162:
1160:
1159:
1154:
1149:
1143:
1141:
1140:Hacking forums
1137:
1136:
1134:
1133:
1127:
1125:
1121:
1120:
1118:
1117:
1112:
1107:
1102:
1097:
1092:
1087:
1082:
1077:
1072:
1067:
1062:
1057:
1054:
1051:
1046:
1041:
1036:
1030:
1028:
1022:
1021:
1019:
1018:
1013:
1008:
1003:
998:
996:PLA Unit 61398
993:
988:
983:
978:
973:
968:
967:
966:
956:
950:
948:
942:
941:
938:
937:
935:
934:
928:
922:
920:Operation Troy
916:
914:
910:
909:
907:
906:
901:
896:
891:
885:
883:
879:
878:
876:
875:
870:
864:
862:
858:
857:
855:
854:
848:
846:
842:
841:
839:
838:
833:
826:
824:
817:
813:
812:
808:
807:
801:
796:
787:
784:
783:
780:
778:
777:
770:
763:
755:
746:
745:
743:
742:
737:
732:
727:
722:
717:
712:
707:
702:
700:Computer virus
697:
691:
689:
685:
684:
682:
681:
676:
671:
666:
661:
656:
651:
646:
641:
636:
631:
626:
621:
616:
611:
606:
601:
596:
591:
586:
581:
576:
571:
566:
561:
556:
551:
546:
541:
536:
531:
526:
521:
515:
513:
509:
508:
503:
501:
500:
493:
486:
478:
471:
470:
445:
420:
389:
364:
338:
314:
304:on 1 July 2010
288:
262:
240:
227:. London, UK:
208:
194:
180:
167:. London, UK:
150:
148:
145:
144:
143:
138:
133:
128:
123:
116:
113:
112:
111:
108:
102:
87:
84:
48:
45:
37:SQL injections
33:phishing scams
15:
13:
10:
9:
6:
4:
3:
2:
1591:
1580:
1579:Malware stubs
1577:
1575:
1572:
1570:
1567:
1565:
1562:
1560:
1557:
1556:
1554:
1543:
1538:
1536:
1531:
1529:
1524:
1523:
1517:
1515:
1511:
1507:
1502:
1499:
1495:
1490:
1475:
1472:
1470:
1467:
1465:
1462:
1461:
1459:
1455:
1449:
1446:
1444:
1441:
1439:
1436:
1435:
1433:
1429:
1423:
1420:
1418:
1415:
1413:
1410:
1409:
1407:
1403:
1397:
1394:
1392:
1389:
1387:
1384:
1382:
1379:
1378:
1376:
1372:
1366:
1363:
1361:
1358:
1356:
1353:
1352:
1350:
1346:
1340:
1337:
1335:
1332:
1330:
1327:
1325:
1322:
1321:
1319:
1315:
1309:
1306:
1304:
1301:
1299:
1296:
1294:
1291:
1289:
1286:
1284:
1281:
1280:
1278:
1274:
1268:
1265:
1264:
1262:
1258:
1252:
1249:
1247:
1244:
1242:
1239:
1237:
1234:
1233:
1231:
1227:
1221:
1218:
1216:
1213:
1212:
1210:
1206:
1203:
1201:
1197:
1190:
1187:
1184:
1181:
1178:
1175:
1174:
1172:
1168:
1164:
1158:
1155:
1153:
1150:
1148:
1145:
1144:
1142:
1138:
1132:
1129:
1128:
1126:
1122:
1116:
1113:
1111:
1108:
1106:
1103:
1101:
1098:
1096:
1093:
1091:
1088:
1086:
1083:
1081:
1078:
1076:
1073:
1071:
1068:
1066:
1063:
1061:
1058:
1055:
1052:
1050:
1047:
1045:
1042:
1040:
1037:
1035:
1032:
1031:
1029:
1027:
1023:
1017:
1014:
1012:
1011:World of Hell
1009:
1007:
1004:
1002:
999:
997:
994:
992:
989:
987:
984:
982:
979:
977:
974:
972:
969:
965:
962:
961:
960:
957:
955:
952:
951:
949:
947:
943:
932:
929:
926:
923:
921:
918:
917:
915:
911:
905:
902:
900:
897:
895:
892:
890:
887:
886:
884:
880:
874:
871:
869:
866:
865:
863:
859:
853:
850:
849:
847:
843:
837:
834:
831:
828:
827:
825:
821:
818:
814:
806: →
805:
802:
800:
797:
795:
792:←
791:
790:
785:
776:
771:
769:
764:
762:
757:
756:
753:
741:
738:
736:
733:
731:
728:
726:
723:
721:
718:
716:
713:
711:
708:
706:
705:Computer worm
703:
701:
698:
696:
693:
692:
690:
688:Main articles
686:
680:
677:
675:
672:
670:
667:
665:
662:
660:
657:
655:
652:
650:
647:
645:
642:
640:
637:
635:
632:
630:
627:
625:
622:
620:
617:
615:
612:
610:
607:
605:
602:
600:
597:
595:
592:
590:
587:
585:
582:
580:
577:
575:
572:
570:
567:
565:
562:
560:
557:
555:
552:
550:
547:
545:
542:
540:
537:
535:
532:
530:
527:
525:
522:
520:
517:
516:
514:
510:
506:
499:
494:
492:
487:
485:
480:
479:
476:
459:
455:
449:
446:
434:
430:
424:
421:
410:on 2012-04-10
406:
399:
393:
390:
378:
374:
368:
365:
353:
349:
342:
339:
327:
321:
319:
315:
303:
299:
292:
289:
278:on 2008-06-01
277:
273:
266:
263:
251:
244:
241:
230:
226:
222:
215:
213:
209:
204:
198:
195:
190:
184:
181:
170:
166:
162:
155:
152:
146:
142:
139:
137:
134:
132:
129:
127:
124:
122:
119:
118:
114:
109:
106:
103:
100:
97:
94:
93:
92:
85:
83:
81:
76:
71:
69:
65:
61:
56:
54:
46:
44:
42:
38:
34:
30:
26:
22:
1514:expanding it
1503:
1488:
1437:
1365:Sony rootkit
1131:Bluehell IRC
1100:Dan Kaminsky
1095:Sven Jaschan
740:Trojan horse
528:
462:. Retrieved
458:the original
448:
437:. Retrieved
433:the original
423:
412:. Retrieved
405:the original
392:
381:. Retrieved
367:
356:. Retrieved
350:. V3.co.uk.
346:David Neal.
341:
330:. Retrieved
306:. Retrieved
302:the original
291:
280:. Retrieved
276:the original
265:
254:. Retrieved
243:
232:. Retrieved
229:The Register
224:
197:
183:
172:. Retrieved
169:The Register
164:
154:
89:
72:
57:
50:
28:
24:
20:
18:
1283:SQL Slammer
1105:Samy Kamkar
1026:Individuals
991:Level Seven
954:Ac1db1tch3z
933:(2008–2010)
832:(2003–2006)
99:PlayStation
1553:Categories
1170:discovered
1157:darksun.ws
1152:unkn0wn.eu
1060:Lil Hacker
1006:ShadowCrew
931:WebcamGate
830:Titan Rain
674:ZeroAccess
464:2010-07-30
439:2010-07-30
414:2014-01-09
383:2010-07-30
358:2010-07-30
332:2010-07-30
308:2010-07-30
282:2011-03-21
256:2010-07-30
234:2014-01-09
174:2014-01-09
147:References
136:Cybercrime
131:Email spam
47:Operations
1464:Conficker
1443:Agent.btz
971:Avalanche
959:Anonymous
816:Incidents
664:Vulcanbot
554:Conficker
1569:Spamming
1469:Koobface
1448:Mariposa
1396:Stration
1391:Clickbot
1355:PGPCoder
1303:Graybird
1241:Code Red
1215:ILOVEYOU
1189:sslstrip
1147:ryan1918
1124:Darknets
1115:Stakkato
1053:Digerati
1049:Dshocker
1016:Sandworm
986:GhostNet
799:Timeline
634:Slenfbot
599:Mariposa
584:Koobface
544:Bredolab
539:BASHLITE
377:Archived
352:Archived
115:See also
1574:Botnets
1506:malware
1474:Waledac
1381:Rustock
1308:Blaster
1288:Welchia
1220:Pikachu
1200:Malware
1070:camZero
720:Malware
669:Waledac
624:Rustock
614:Metulji
579:Kelihos
574:Gumblar
549:Cutwail
505:Botnets
126:Malware
105:Adobe's
80:domains
68:Malware
53:malware
41:malware
1438:Asprox
1339:Mydoom
1334:Sasser
1329:NetSky
1267:Simile
1191:(2009)
1185:(2008)
1179:(2002)
1085:diabl0
1080:Cyxymu
1075:Coolio
1044:SilenZ
946:Groups
710:Malbot
654:Torpig
639:Srizbi
629:Sality
604:Mega-D
594:Lethic
589:Kraken
559:Donbot
529:Asprox
121:Botnet
75:botnet
64:IFrame
29:Aseljo
25:Badsrc
21:Asprox
1504:This
1412:Storm
1324:Bagle
1298:Gruel
1293:Sobig
1246:Nimda
1034:AKill
981:0x1fe
804:2010s
794:1990s
659:Virut
649:TDL-4
644:Storm
619:Nitol
609:Mirai
564:Festi
534:Bagle
524:Akbot
408:(PDF)
401:(PDF)
1510:stub
1457:2009
1431:2008
1417:ZeuS
1405:2007
1386:ZLOB
1374:2006
1360:Samy
1348:2005
1317:2004
1276:2003
1260:2002
1251:Klez
1229:2001
1208:2000
1065:BadB
976:GNAA
913:2009
882:2008
861:2007
845:2005
823:2004
679:Zeus
569:Grum
101:U.S.
96:Sony
73:The
27:and
19:The
1001:RBN
519:3ve
1555::
317:^
223:.
211:^
163:.
70:.
1541:e
1534:t
1527:v
1516:.
774:e
767:t
760:v
497:e
490:t
483:v
467:.
442:.
417:.
386:.
361:.
335:.
311:.
285:.
259:.
237:.
205:.
191:.
177:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.