New Aldi Botnet Aims to Be “People’s Bot” for Under $10

A new, exceptionally cheap botnet builder has surfaced called Aldi Bot and is for sale online for as little as US $8.

A new, exceptionally cheap botnet builder has surfaced called Aldi Bot and is for sale online for as little as US $8.

Aldi Bot first appeared in August and is named after the popular supermarket chain according to a post this week on GData’s SecurityBlog. Its authors initially offered it for €10, but that price was later slashed to €5 – or about $8 according to the blog post. Analysis of the bot has found that some of its code looks similar to Zeus’ source code, which has been leaked online for months.

The bot’s initial application was to carry out distributed denial of service (DDoS) attacks, use its victim’s PC as a proxy, steal passwords from Mozilla’s Firefox browser and carry out the remote execution of any file. A video allegedly posted by the botnet’s author uses the bot to lead a DDoS attack against the Bundeskriminalamt, the German Federal Criminal Police Office.

A recent update to Aldi added a Pidgin password stealer and a jDownloader password stealer.

According to The Register, the botnet‘s seller isn’t in it for the money and just wants to offer a “people’s bot” to the public that even the most novice hackers might be lured to purchase.

Suggested articles

ThreatList: Latest DDoS Trends by the Numbers

Trends in DDoS attacks show a evolution beyond Mirai code and point to next-gen botnets that are better hidden and have a greater level of persistence on devices – making them “far more dangerous.”

bit and piece ddos attack

Bit-and-Piece DDoS Method Emerges to Torment ISPs

Perpetrators are using smaller, bit-and-piece methods to inject junk into legitimate traffic, causing attacks to bypass detection rather than sounding alarms with large, obvious attack spikes.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.