Unbeknownst to its users and perhaps even to its developers, the popular Windows download manager Orbit Downloader has been outfitted with a DDoS component.
The Orbit Downloader has been around since 2006. That and the fact that it is available for download for free (although bundled with some potentially unwanted applications) has made it popular with many, many users.
The DDoS component has been discovered by ESET researchers while doing a routine examination of the software, and subsequent analysis of previous versions has shown that it was added to orbitDM.exe sometime between the release of version 4.1.1.14 (December 25, 2012) and version 4.1.1.15 (January 10, 2013).
The thing functions like this: the installed software contacts Orbit Downloader’s server (at orbitdownloader.com) to download a configuration file containing a list of target URLs and IP addresses, and a Win32 PE DLL file to perform the attack against them.
SOURCE: net-security.org
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…