Barracuda.A bot uses 15,000 PCs to launch denial of service attacks

PandaLabs has discovered a network of almost 15,000 computers infected with the new Barracuda.A bot. This malicious code is designed to allow its creators to launch distributed denial of service (DDoS) attacks from each computer infected.

A DDoS attack consists of launching a denial of service attack from several computers simultaneously to crash other computers. This could prevent users from, say, accessing a certain website.

“Distributed denial of service attacks are an excellent source of economic benefit for cyber-crooks. A network like this can be used to blackmail companies that use the Internet for business. Hackers demand huge amounts of money to not launch an attack that could crash the target company’s computers”, explains Luis Corrons, Technical Director of PandaLabs.

On some occasions, the Barracuda.A bot can also use the infected computer as a proxy. As a result, a hacker could perform other types of attacks anonymously (send spam, access other computers illegally, etc.), using the affected PC as a cover.

“This way, cyber-crooks can hide their tracks on the Web. They can use the IP addresses of kidnapped computers to store confidential data on a certain FTP server or transfer money from illegal activities from one account to another, so that, should their criminal actions be uncovered, there is no way to track them down.”, explains Corrons.

The computer network is managed remotely through a console installed on a server. This console includes a statistics section that shows the effectiveness of each bot or the number of them available at any time. It also allows users to specify the IP addresses of the computers to crash or the attack duration.

TruPrevent proactive Technologies have detected and blocked the Barracuda.A bot without the need to have previously identified it.