Skip navigation.
Home

Bobax Research

I am currently attempting to research Bobax variants, which according to a report at http://www.secureworks.com/research/threats/topbotnets/?threat=topbotnets Bobax is still a fairly prominent botnet. I realize the article is a little old but I was wondering if anyone know how to obtain a recent copy of a Bobax variant. The latest returned on here is from 10/28 of this year, which isn't too bad. I was just hoping to get a few more that are only a month or so old. If anyone has some pointers or actual binaries let me know.

Bobax is dead (at the moment)

It had been dwindling for several months since I wrote that article, but it went down hard on Dec 18 and hasn't been back yet. If you are still interested in studying it, drop me a line - jstewart at secureworks.

http://www.offensivecomputing

http://www.offensivecomputing.net/?q=ocsearch&ocq=e454a2e9d24c59bb57ca3b63d251ccd3

Recent binary retrieved 2 days ago from driveby.

I assume they mean the c&c are dormant now?

Distribution seems ok from here.