1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Avzhan DDOS BOT Activity

HTTP Avzhan DDOS BOT Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the Avzhan BOT activity on the system.

Additional Information

Avzhan BOT once installed will communicate with the CnC servers on standard random high port to receive commands from the remote server. Once the BOT establishes connection with the server it will be able to send binary messages to the CnC servers.

Affected

  • Various Platforms

Response

NA
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube