Botnet
Aldibot
According to Trend Micro Encyclopedia: ALDIBOT first appeared in late August 2012 in relevant forums. Variants can steal passwords from the browser Mozilla Firefox, instant messenger client Pidgin, and the download manager jDownloader. ALDIBOT variants send the gathered information to their command-and-control (C&C) servers.
This malware family can also launch Distributed Denial of Service (DDoS) attacks using different protocols such as HTTP, TCP, UDP, and SYN. It can also perform flood attacks via Slowloris and Layer 7.
This bot can also be set up as a SOCKS proxy to abuse the infected machine as a proxy for any protocol.
This malware family can download and execute arbitrary files, and update itself. Variants can steal information, gathering the infected machine’s hardware identification (HWID), host name, local IP address, and OS version.
This backdoor executes commands from a remote malicious user, effectively compromising the affected system.
Family metadata imported from Malpedia (Fraunhofer FKIE).