The thriving cybercrime underground marketplace has a lot to offer. From DIY botnet builders, DIY DDoS platforms, to platforms for executing clickjacking and likejacking campaigns, next to drive-by malware attacks, the ecosystem is always a step ahead of the industry established to fight back.

Continuing the “A peek inside…” series, in this post I will profile yet another freely available DIY Botnet building tool – the Umbra Malware Loader.

Screenshots of Umbra Malware Loader’s command and control interface:

Some of its core features include:

Changelog:
[+] Webpanel-Layout
[+] Installs
[+] Bots
[+] Builder with Plugin support
[+] Webpanel-Autoinstaller[*] Unicode-compatible
[-] Plugincommand (use Builder/update function for plugins)

What’s particularly interesting about the Umbra Malware Loader is its modular nature, namely malicious attackers can easily introduce new features while using some of the already coded plugins, next to the ones offered as a managed service.

Today’s modern malware is released in DIY fashion; it’s highly customizable, it’s localized in multiple languages, it comes with detailed instructions and HOWTO’s, and most importantly additional features including coding a new one from scratch, are available as a managed service.

Webroot’s security team is currently in a process of analyzing the Umbra Malware Loader. Details will be posted as soon as new data is gathered.

Related posts:

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This