Dirtjumper first drew the attention of security researchers around the world in July 2011, when it was used to launch distributed denial-of-service (DDoS) attacks on various Russian websites. Since then, Dirtjumper has been used in numerous attacks on the systems of banks and credit unions as well as on websites involved in online gaming. The central problem with Dirtjumper is that its services are for sale on underground online communities, so anyone with enough money can hire it to attack any target they choose.
There are several versions of Dirtjumper. Infection begins with the execution of a malicious file named vf4e2ad6800e566_2011723171112.exe, which may be disguised as a fake video codec or media player update. Once installed, Dirtjumper connects to a remote command-and-control server to receive instructions. If those instructions direct the infected computer to take part in a Dirtjumper attack, it repeatedly connects to the designated host and uses other techniques to overload the target.
With thousands of infected computers under their control (research has shown that some Dirtjumper attacks involve nearly one hundred thousand computers at once), criminals can overload a target by flooding it with requests. Although several Dirtjumper variants have been taken down by law enforcement, new variants have resurfaced shortly afterward. The criminals behind Dirtjumper appear to be based in the Russian Federation and provide their clients with development, support and even user-friendly control panels.
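The request flooding described above is what a defender actually sees in a web server's access log: a burst of requests far above the site's normal rate, either from a few loud clients or spread thinly across many bots. The following Python script is an added example written for this page, not code from the original article or from any Dirtjumper analysis. It parses constructed combined-format log lines and runs a sliding-window counter twice: once per client IP (to catch a single noisy bot) and once per requested path (to catch a distributed flood in which no single IP crosses the per-IP threshold). The thresholds (50 requests per IP and 100 requests per path within 10 seconds), the IP addresses and the paths are assumptions chosen for illustration; real thresholds must be tuned to each site's baseline.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Apache/nginx "combined" access-log format; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_log(lines):
    """Parse combined-format lines into (timestamp, client_ip, request) tuples, oldest first."""
    records = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the sweep
        ts = datetime.strptime(m.group("ts"), TS_FMT)
        records.append((ts, m.group("ip"), m.group("req")))
    records.sort(key=lambda r: r[0])
    return records


def sliding_window_peaks(records, key, window_seconds, threshold):
    """Track, per key, the requests seen in a trailing window of `window_seconds`.
    Returns {key: peak_count} for every key whose peak exceeds `threshold`.
    One deque per key keeps the whole sweep linear in the number of log lines."""
    recent = defaultdict(deque)
    peaks = {}
    for ts, ip, req in records:
        k = key(ip, req)
        q = recent[k]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()  # drop requests that fell out of the window
        if len(q) > threshold and len(q) > peaks.get(k, 0):
            peaks[k] = len(q)
    return peaks


def request_path(req):
    parts = req.split()
    return parts[1] if len(parts) >= 2 else req


def flooding_sources(lines, window_seconds=10, threshold=50):
    """Single noisy clients: one IP sending more than `threshold` requests per window."""
    return sliding_window_peaks(parse_log(lines), lambda ip, req: ip, window_seconds, threshold)


def flooded_paths(lines, window_seconds=10, threshold=100):
    """Distributed floods: one path hit by many IPs that each stay under the per-IP threshold."""
    return sliding_window_peaks(parse_log(lines), lambda ip, req: request_path(req),
                                window_seconds, threshold)


def _log_line(ts, ip, req):
    return f'{ip} - - [{ts.strftime(TS_FMT)}] "{req}" 200 512 "-" "Mozilla/5.0"'


def build_constructed_log():
    """Constructed sample traffic for this example (not a capture of real Dirtjumper activity)."""
    base = datetime(2011, 7, 23, 17, 11, 12, tzinfo=timezone.utc)
    events = []
    # One legitimate visitor: five requests spread over 48 seconds.
    for i in range(5):
        events.append((base + timedelta(seconds=12 * i), "203.0.113.9", "GET /index.php HTTP/1.1"))
    # One loud bot: 200 requests for "/" inside 8 seconds.
    for i in range(200):
        events.append((base + timedelta(seconds=i * 8 // 200), "198.51.100.7", "GET / HTTP/1.1"))
    # Forty bots sending four requests each to /login.php inside 8 seconds (160 in total);
    # none of them individually crosses the per-IP threshold.
    for i in range(40):
        for j in range(4):
            n = i * 4 + j
            events.append((base + timedelta(seconds=n * 8 // 160), f"203.0.113.{10 + i}",
                           "GET /login.php HTTP/1.1"))
    events.sort(key=lambda e: e[0])
    return [_log_line(*e) for e in events]


CONSTRUCTED_LOG = build_constructed_log()

if __name__ == "__main__":
    print("per-IP floods:", flooding_sources(CONSTRUCTED_LOG))
    print("per-path floods:", flooded_paths(CONSTRUCTED_LOG))
```

The per-IP pass flags only the loud bot; the forty small bots are invisible to it, which is exactly why a botnet of the size described above is dangerous to rate limiters that key on source address. Aggregating per target path (or per host, or per URL pattern) catches the distributed case, at the cost of needing a baseline for each path. A log sweep like this is a detection aid, not mitigation: by the time the flood is visible in the access log the server is already serving it, so volumetric attacks still need upstream filtering or a scrubbing service.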
The Most Recent Dirtjumper Attack
The FBI has issued warnings to PC users because Dirtjumper has been used to help steal money from credit unions and banks, with compromised computers being used to carry out unauthorized wire transfers. The fraud relies on information-stealing malware and is supported by DDoS attacks carried out with Dirtjumper: criminals launch a DDoS attack on the target before unauthorized wire transfers worth millions of dollars are made using other malware installed on victims’ computers. The DDoS attack distracts attention from the theft and delays the victims’ response, reducing their chance of stopping the transfers before the money is gone.
How Can You Detect Dirtjumper?