You can buy this thing for $320. It spreads via Skype spamming, or otherwise through the usual channels such as Java drive-bys, torrents, Facebook, etc.
I think it's good that COMODO Internet Security is not among the AVs that get killed.
Ridiculous that with Avast even the sandbox gets bypassed. With Comodo nothing gets through without a warning.
@edit: Once the bot is no longer in beta, it is supposed to cost $460.
Conclusion: leave UAC enabled and switch your brain on, use Comodo Internet Security ;P
Beta Bot - Main Features
Disable Anti Virus
Using multiple removal methods, Beta Bot is able to remove or disable over 30 different Anti Viruses from user mode. On Vista and 7, elevation is required for this function to work properly. To help achieve maximum efficiency, Beta Bot has incorporated a custom ‘social engineering’ tactic (written in 12 languages) to trick the user into elevating the bot. This method has proven to be roughly 80% effective when attempting to elevate privileges.
A complete list of AV’s killed is shown here:
ArcaVir
Avast!
AVG
Avira
BullGuard
Emsisoft Anti-Malware
ESET NOD32 / Smart Security (XP Only)
F-PROT
F-Secure IS
GData IS
Ikarus AV
K7 AntiVirus
Kaspersky AV/IS
Lavasoft Adaware AV
MalwareBytes Anti-Malware
McAfee
Microsoft Security Essentials
Norman AntiVirus
Norton AntiVirus (Vista+ only)
Outpost Firewall Pro
Panda AV/IS
Panda Cloud AV (Free version)
PC Tools AntiVirus
Rising AV/IS
Sophos Endpoint AntiVirus
Total Defense
Trend Micro
Vipre
Webroot SecureAnywhere AV
Windows Defender
ZoneAlarm IS
Bot Persistence
Beta Bot protects all bot resources (Process / Files / Start Up) from removal or termination. Four different layers of protection shield your bot, and files can be considered extremely secure and highly resilient to removal. In the unlikely case the bot is somehow terminated, it will automatically be restarted.
Bot Killer
The next-gen Bot Killer in Beta Bot will successfully kill and remove all major malware you may come across when working with Install Shops and Pay Per Install ventures. The Bot Killer scans process and start up locations for suspicious entries. All injected code and crypted files using RunPE methods will be terminated. However, removal of the physical source of injected code from the disk is not always possible.
System Wide Userkit (Ring3 Rootkit)
The use of a System Wide Userkit in Beta Bot greatly reduces the ability of PC users and usermode programs to remove the bot. Using hooking technology never before seen in usermode malware, Beta Bot is able to intercept any NT system service calls sent to block or modify access to any resources it chooses. This feature is to obviously hinder the effectiveness of bot removal. Additionally, Beta Bot is able to consistently remove 3rd Party hooks on critical functions and also restore its own hooks.
Custom Injection Techniques
Beta Bot incorporates three unique and custom methods of injection, including a new zombie process method. The bot is able to bypass even the most sophisticated Anti Virus Proactive Defenses and Firewall Restrictions.
A complete list of AVs and IS solutions bypassed by Beta Bot:
ArcaVir IS - Bypass
Avast - Bypass
Avast Internet Security - Injects but Prompts (Passes sandbox with no detections)
AVG Internet Security - Bypass
Avira - Bypass
Avira Internet Security - Bypass
BitDefender - No Bypass/Run
BullGuard - Attempt kill / install on reboot
Comodo - Prompt
Dr. Web - Bypass
ESET AV/ESET Smart Security - Bypass
F-Secure - Bypass
GData - Prompt
K7 AntiVirus - Bypass
Kaspersky Anti-Virus - Bypass
Kaspersky Internet Security - No Bypass
McAfee Total Protection - No Injections
Norman IS - Prompt
Norton Internet Security - Bypass
Panda Internet Security 2013 - Bypass
PandaCloud - Bypass
PC Tools AntiVirus - Bypass
Rising IS - Bypass
Total Defense - Bypass
Trend Micro - Attempt kill / install on reboot
Vipre - Bypass
ZoneAlarm - Bypass
Proactive Defense Mode
Allows you to toggle whether or not Beta Bot actively defends against other bots installing and/or injecting into processes. When enabled, any bot reliant on a RunPE will be blocked from working. Most, if not all, injection methods are blocked as well. It even has the ability to block some bots before they can even install.
Beta Bot - Additional Features
- Multi Server Support for up to 16 different servers. Different configurations are possible for each individual server.
- Four different DDoS methods. Uses local information to attempt to randomize headers in HTTP Floods.
UDP
Rapid Connect/Disconnect
HTTP GET
Slowloris
- Experimental Ruskill: Using an active Sandbox-like, Beta Bot will attempt to sequester specified programs and roll back any changes made by them after running. This feature is currently in development and may not work on some bots.
- Form Grabbers: When specified sites are detected, Beta Bot will pull any relevant forms as they are sent, and export details to the main panel. The use of wildcard masks is supported when specifying target URLs.
FireFox (Normal and SSL)
Internet Explorer (Normal and SSL)
Internet Explorer Formgrabber uses different locations for hooks when available to avoid conflicts with other 3rd party Formgrabbers.
- DNS Blocker + Redirector: Without touching the HOSTS file, Beta Bot is able to block domains or redirect them. Entries are specified in the panel and formatting when doing so is identical to the HOSTS file format.
- USB Autorun: When enabled, Beta Bot will add itself to any USB drive inserted into the machine using LNK-File swap techniques.
- SOCKS4 Server: Turn your bots into dedicated SOCKS4 proxies. Supports UPnP.
- FTP/PuTTY Stealer: Collects and organizes FTP logins from a large list of FTP clients and harvests live FTP logins as they happen in real time. The PuTTY Stealer works the same, collecting logins live as they connect to SSH daemons via PuTTY.
- Various Rudimentary Antis: To help maintain the integrity of Beta Bot and to protect various pieces of vital code, Beta Bot makes use of multiple anti debugging and anti dumping methods.
- Download / Update / Uninstall / etc: Basic commands expected of all bots.
- Additional User Accounts: Ability to create additional user accounts to access your panel. Fully customizable access levels.