Security researchers have discovered a strain of DDoS botnet agent that launches an attack against large corporate investment groups and mining-related interests.
The technically unremarkable JKDDOS botnet launches packet-flooding attacks on targeted websites from malware-infected zombie PCs. Targets over the months have included gaming sites and online stores as well as more obscure and unusual targets.
For example, an investment firm was repeatedly targeted for attack, DDoS mitigation tool firm Arbor Networks reports.
"A well-known investment company based in New York City was attacked by a JKDDOS botnet on six separate occasions during the 10-day period starting on October 21, 2010, with the shortest and longest attacks lasting approximately three and 33 hours, respectively," Jeff Edwards, a security researcher at Arbor, writes.
"Three different victims have some connection to the gold mining industry, and one victim was a manganese miner."
The botnet, seeded from exploit-serving websites in China and the US and controlled through a command infrastructure in China, has also attacked a "a corporate holding company that invests in major wineries".
It may be that JKDDOS is a tool in an underground denial of service for hire service, at least that is the most obvious explanation that springs to mind, but there is nothing to either prove or disprove this theory in the code itself, as a detailed write-up of the malware by Arbor demonstrates. ®