Background
The Brobot malware, also known as ‘itsoknoproblembro' and ‘kamikaze,’ is a general purpose PHP script infecting Content Management Systems (CMSs) using known vulnerabilities. During 2012 and 2013, infected networks were used to launch massive DDoS attacks against US-based banks. This attack, also known as Operation Ababil, was considered the biggest DDoS attack campaign ever.
Recently, the United States Federal Bureau of Investigation (FBI) released an alert through its FBI Liaison Threat Alert System (M-000033-BT) that includes a list of 1,492 URLs of confirmed infected Web sites, with the request that organizations help victims to remove the malware. The FBI threat alert was sent only to its affiliates, and therefore we are unable to provide a direct reference.
This ERT threat alert provides additional details on how to translate the FBI alert into specific actions using the Radware Attack Mitigation System (AMS).
Additional Information