The first mention of Backdoor.Zemra appeared in May of this year, and its estimated cost is $100.
Symantec has announced the discovery of a new botnet designed to conduct distributed denial-of-service (DDoS) attacks. According to experts, the first mention of the Backdoor.Zemra tool appeared on closed forums in May of this year, where it was priced at 100 euros.
This botnet is readily comparable to veteran malware on the market such as Zeus and SpyEye. For example, with Backdoor.Zemra the botnet operator can control the infected computers and collect data about them, as well as download additional components, through a remote control panel.
Zemra's functionality is quite extensive:
256-bit DES encryption when communicating with the command server
Execution of DDoS attacks
Monitoring of devices connected to the infected system
Download and execution of binary files
Installation and verification of successful deep infection
Distribution via USB
Collection of system data
After infection, Zemra's first connection to the command server is made over HTTP. In this connection it sends a POST request containing the hardware identifier, the current user agent, the privilege level, and the operating system. The packet sent by the infected system is processed by the gate.php script, which extracts the data and stores it in an SQL database.
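A defender can hunt for the check-in described above in web proxy logs. The following is an added example, not code from Symantec or from the original article: the six-field log layout, the host names and the addresses are constructed for illustration, and only the POST method and the gate.php script name come from the text.

```python
import posixpath
from collections import Counter
from urllib.parse import urlsplit

# Constructed proxy log (assumed layout: time client method url status bytes).
SAMPLE_LOG = """\
2012-06-27T10:00:01Z 10.0.0.5 GET http://intranet.example/index.php 200 5120
2012-06-27T10:00:07Z 10.0.0.8 POST http://c2.example/panel/gate.php 200 12
2012-06-27T10:01:30Z 10.0.0.9 POST http://shop.example/checkout.php 302 0
2012-06-27T10:02:11Z 10.0.0.5 GET http://c2.example/panel/gate.php 404 0
2012-06-27T10:03:00Z 10.0.0.7 POST http://c2.example/panel/GATE.PHP?x=1 200 12
2012-06-27T10:05:07Z 10.0.0.8 POST http://c2.example/panel/gate.php 200 12
malformed line
"""

def find_gate_checkins(log_text, script="gate.php"):
    """Count POST requests per (client, server) whose URL path ends in `script`."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed or truncated lines
        _ts, client, method, url, _status, _size = fields
        if method.upper() != "POST":
            continue  # the check-in described in the article is a POST
        parts = urlsplit(url)
        if not parts.hostname:
            continue
        # Compare only the final path component, case-insensitively,
        # so /panel/GATE.PHP?x=1 is caught as well.
        if posixpath.basename(parts.path).lower() == script:
            hits[(client, parts.hostname.lower())] += 1
    return hits

def clients_per_server(hits):
    """Group matching clients by the server they posted to."""
    servers = {}
    for client, server in hits:
        servers.setdefault(server, set()).add(client)
    return servers

if __name__ == "__main__":
    found = find_gate_checkins(SAMPLE_LOG)
    for (client, server), count in sorted(found.items()):
        print(f"{client} -> {server}: {count} POST(s) to gate.php")
    for server, clients in clients_per_server(found).items():
        print(f"{server}: {len(clients)} internal client(s)")
```

The gate.php file name is also used by other crimeware panels and by unrelated PHP applications, so a match is a lead for triage rather than confirmation of Zemra.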