
46 ◾ Malicious Bots
of a Windows rootkit for stealth, a keylogger component for stealing credentials, a
browser helper object (BHO) for reporting data back to an attacker, and more.*
Bots are installed through multiple vectors, including user interaction and social
engineering, silent execution of code through a Web-based exploit, and brute force
attacks against weakly protected accounts or network shares. One good example
o
f this came in November 2006, when SANS researcher Joel Esler identified a
“massive new outbreak of bots” exploiting Symantec’s Client Security and AntiVirus
Corporate edition products.†
4.4 “Botmasters” Who Were C ...