Zemra

Zemra is a DDoS Bot which was first discovered in underground forums in May 2012.^[1]^[2]

Zemra is capable of HTTP and SYN Flood flooding and also has a simple Command & Control panel that is protected with 256-bit DES encryption for communicating with its command and control (C&C) server.^[3] Zemra also sends information such as Computer name, Language settings, and Windows version. It will send this data to a remote location on a specific date and time.^[4] It also opens a backdoor on TCP port 7710 to receive commands from a remote command-and-control server,^[5] and it is able to monitor devices, collect system information, execute files, and even update or uninstall itself if necessary.^[3]^[6]

References[edit]

^ Kumar, Mohit (2012-06-27). "Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks". The Hacker News.
^ Neville, Alan (27 June 2012). "DDoS Attacks: The Zemra Bot". Symantec. Retrieved 23 October 2016.
^ ^a ^b Kovacs, Eduard (2012-06-28). "Zemra DDOS Crimeware Kit Used to Extort Organizations". Softpedia.
^ "Backdoor.Zemra". Precise Security. 2012-06-27.
^ "Backdoor.Zemra". Naked Security. 2012-06-26.
^ Goldman, Jeff (2012-06-29). "Symantec Warns of New Zemra Bot". eSecurity Planet.

[1] Kumar, Mohit (2012-06-27). "Zemra Botnet Leaked, Cyber Criminals performing DDoS Attacks". The Hacker News.

[2] Neville, Alan (27 June 2012). "DDoS Attacks: The Zemra Bot". Symantec. Retrieved 23 October 2016.

[Softpedia-3] Kovacs, Eduard (2012-06-28). "Zemra DDOS Crimeware Kit Used to Extort Organizations". Softpedia.

[4] "Backdoor.Zemra". Precise Security. 2012-06-27.

[5] "Backdoor.Zemra". Naked Security. 2012-06-26.

[6] Goldman, Jeff (2012-06-29). "Symantec Warns of New Zemra Bot". eSecurity Planet.

[1]

[2]

[3]

[4]

[5]

[6]

See also[edit]

References[edit]