Department of Homeland Security

(U//FOUO) US-CERT Botnet Operations Presentation

The following document was obtained from the website of the Organization of American States.

CTIS Botnet Operations

Page Count: 13 pages
Date: January 27, 2016
Restriction: TLP: AMBER, For Official Use Only
Originating Organization: U.S. Computer Emergency Readiness Team, Cyber Threat Information Sharing Branch
File Type: pdf
File Size: 1,623,523 bytes
File Hash (SHA-256): 861F61398631CCF0FB9AB1BA796D2E0A39BCA18527FDBEC574CAE54343356BE1


Download File

CTIS Counter-Botnet Operational Umbrella

Botnet CNE Operations targeting
– Federal, State , Local, Tribal and Territories enclaves
– Commercial enclaves
– ISACs

CTIS Receives internal request for additional threat information
• Activity Report
• Information Bulletin

Collaboration Botnet Operations
•Law Enforcement
•Commercial organizations

Collaboration Products
•Joint Activity Report
•Joint Information Bulletin

Botnets of Interest

Brobot
•Brobot conducts Distributed Denial of Service (DDoS) attacks targeting online and mobile banking services.

Dridex
•DRIDEX is an online banking malware that steals credential information through HTML injections. Leverages Microsoft Macros. Can be employed to
spend spam or participate in DDoS attacks

US-CERT-BotnetOperations_Page_06 US-CERT-BotnetOperations_Page_07 US-CERT-BotnetOperations_Page_08 US-CERT-BotnetOperations_Page_09 US-CERT-BotnetOperations_Page_10

Share this:

Facebooktwitterredditlinkedinmail