
100 ◾ Malicious Bots
About a month after massive success with KorGo bots and LSASS exploita-
tion, the Hang-UP Team then launched the largest-ever coordinated Trojan attack
utilizing a zero-day exploit (MS04-025), over 600 compromised servers, and code
customized for the massive attack.* is complicated attack successfully injected
a hostile JavaScript footer to every page served up by an infected server, called the
Scob Trojan.
W
hen successful, the exploit attack downloaded and executed a script to create a
rogue administrator account called “IWAP_WWW.” is was immediately followed
with a new download of a Trojan horse, using the exact same ...