UPDATE: Dridex / Bugat botnet is alive

Now, two months later it still seems to be alive and kicking! Drixet is still very much alive …

Original Article (14.10.2015)

There’s a big difference between “mostly dead” and “all dead” with film characters … and with malware distributing botnets. The Dridex/Bugat botnet is still slightly alive …

Miracle Max, from the classic Princess Bride film, has some comments for the US authorities and their efforts to disrupt the Dridex/Bugat botnet.

“Mostly dead is slightly alive,” stated Miracle Max while reviving Westley.

As of 8:50 CET, October 16, at least four Dridex second stage nodes are still responding. “The botnet is definitely still active,” pointed out Moritz Kroll, malware researcher at Avira. “The version of the main component I received is 3.124 and seems to have been created on 2015-10-14.”

Yes, there is a significant difference between mostly dead and all dead in the movies and with the Dridex/Bugat botnet.

The responses from the botnet confirmed Kroll’s suspicions: The arrest of the administrators and the takedown of the botnet this week may not have completely killed its operations. “We just have to hope that the rest of the botnet will be ‘all dead’ in the near future.”

Here is some earlier news about the Dridex/Bugat botnet from Avira.

 

This post is also available in: FrenchItalian

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.