Signature Detail

Short Name	TROJAN:ALDIBOT-DETECTION
Severity	High
Recommended	No
Recommended Action	Drop
Category	TROJAN
Keywords	ALDI BOT ddos proxy
Release Date	2011/11/01
Update Number	2020
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

TROJAN: Aldi Bot Detection

This signature detects known bot activity heavily linked to the Aldi Bot. The Aldi Bot offers HTTP and TCP DDoS capabilities along with Firefox, Pidgin and jDownloader credential theft, the creation of a SOCKS5 proxy and the ability to download and execute malicious code of the attacker's choice.

References

URL: http://thehackernews.com/2011/09/aldi-bot-buy-botnet-just-in-10-euros.html
URL: http://www.theregister.co.uk/2011/09/22/aldi_bot/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

TROJAN: Aldi Bot Detection

References