רוסיש פראָנטאָן באָטנעט קענען טאָן פיל מער ווי מאַסיוו דדאָס אַטאַקס
Recently, Nisos published a new study describing the inner workings of the unusual Russian botnet Fronton.
לאמיך אייך דערמאנען, אז מיר האבן דאס אויך געשריבן The Appearance of Cheap Russian DarkCrystal RAT Malware Worried Experts.
אויף די פראָנט first emerged in 2020, when the hacktivist group Digital Revolution hacked into an FSB contractor and released white papers demonstrating the creation of a botnet on behalf of the FSB (Federal Security Service).
Until recently, it was believed that the botnet was designed to carry out large-scale DDoS attacks. According to Fronton’s analysis of additional documents, DDoS attacks are only part of the botnet’s capabilities.
According to Nisos, Fronton is “a system for coordinated non-authentic behavior,” און SANA’s custom software shows that the botnet’s true goal may be the rapid and automatic spread of disinformation and propaganda.
You might also be interested to know that Darknet sites of the REvil group are working again: have the Russians released cybercriminals into the wild?
SANA consists of many features, including:
- נייַעס: tracks messages, trends and responses to them;
- Groups: manages bots;
- Behavior models: creates bots that impersonate social media users;
- Reaction models: reacts to messages and content;
- Dictionaries: stores phrases, words, quotes, reactions and comments for use in social networks;
- Albums: Stores sets of images for platform bot accounts.
SANA also allows the user to create social media accounts with generated email addresses and phone numbers, and distribute content online. אין צוגאב, the user can set a schedule for posts and adjust the number of likes, comments, and reactions that the bot should generate. The botnet operator can also specify how many “friends” the bot account should have.