Mirage Anti-Bot

View previous topic View next topic Go down

Mirage Anti-Bot

Post by Guest on 10/2/2012, 07:47

I just saw a mention at WSF about it.


Mirage Anti-Bot will at first only protect against the infamous ZeuS malware. ZeuS (also known as Zbot) is a crimeware kit, which steals credentials from various online services like social networks (such as Facebook), online banking accounts (phising), ftp-accounts, email-accounts and other. Blocking of other malware (SpyEye and Palevo) will be added soon.

Judging by that info, I'd say they will be getting the data from abuse.ch ZeuS, SpyEye and Palevo trackers.


Mirage Anti-Bot will effectively block your computer from visiting infected sites and thus creates an extra layer of security.

I'm already doing that, using PeerBlock. Laughing

-http://fred-de-vries.blogspot.com/2012/02/news-mirage-anti-bot.html

Nonetheless, is nice to see this kind of tool.


Last edited by m00nbl00d on 23/2/2012, 01:01; edited 1 time in total

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Guest on 12/2/2012, 05:03

It has been released. For now it only blocks access to ZeuS C&C servers. And, as I suspected, it does use abuse.ch data.

-http://fred-de-vries.blogspot.com/2012/02/released-mirage-anti-bot-10.html

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Guest on 16/2/2012, 07:50

So, has any one given a try to this little sucker? I still haven't. As soon as they add SpyeEye and Palevo, I will try it.

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Guest on 17/2/2012, 08:59

From what I understand, judging by the WSF thread, it just make use of the hosts file. It doesn't use the IPs. I suggested to also use them, or at least allow users to add those IP lists from abuse.ch.

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Guest on 23/2/2012, 00:55

A new version came out.


Changelog
[+] Installer
[+] New GUI, More pro
[+] Starts with Windows
[+] Protects you against Palevo botnet
[+] Protects you against SpyEye botnet
[+] Confirm on quit
[+] Limit exceed bug fixed, now it grabs data locally using SSL
[+] Proxy authentification added

I truly don't see the point about it, though. I mean, all the application does is add the abused domain names to the Windows hosts file.

You can already do that using a software application such as HostsMan or even a script, such as the one I presented here: http://ssj100.fullsubject.com/t454-powershell-script-to-handle-hosts-file (You could even schedule a task to automate the whole process.)

And, it's totally useless for those not wanting to use the hosts file to block access to malicious domains.

My opinion is that Mirage Anti-Bot would make much more sense, if it added the domains list to its own internal database. This way more users could make use of it. Not to mention, that it should block access to ZeuS, SpyEye and Palevo C&C servers IP addresses.

If it comes to a point when it does this, then I'm sure it will be way more useful than it is right now.

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Guest on 24/2/2012, 06:52

-edit-

Apparently, according to a Mirage Anti-Bot team member, it does block C&C IP addresses.

Guest
Guest


Back to top Go down

Re: Mirage Anti-Bot

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum