Features

  • Manually decoded and decrypted
  • 40+ malware families
  • Categorized XML Schemas
  • Updated every 60 minutes

What is BARS?

Our Botnet Analysis & Reporting Service (BARS) provides in-depth analysis, tracking, and history of malware families that utilize unique control protocols and possibly encryption mechanisms.

We provide the following unique elements as part of our BARS package:

  • Infrastructure to provide automated tracking and reporting of known botnets
  • Analysts focused on investigating new malware families and/or variants
  • Developers writing specialized code to track and report on these new threats

Our data set contains information related to bots including:

  • IP
  • BGP
  • GeoIP Information related to each bot


OUR XML SCHEMAS

BOT XML SCHEMA

Contains information related to hosts infected with malware (bots), including the IP, BGP and GeoIP information related to each bot. Each infected host is also categorized by the type of malware it is infected with, and that category carries additional elements.

For example, an entry for a Waledac bot will include a Waledac element, listing the HTTP proxy used by the bot and possible SHA1 signatures for the malware the host is infected with.

BOTNET XML SCHEMA

Contains information related to command and control servers (botnets), including the family, the type of botnet, the infected hosts connecting to that botnet, and details regarding the host(s) used to control the botnet (if any).

We list three different types of botnets: IRC (Internet Relay Chat), HTTP, and P2P (Peer to Peer), each with additional elements. For example, the XML entry for an IRC-based botnet may include the IPs, ports, channels and passwords of multiple servers being used to control the botnet.

DDoS XML SCHEMA

Contains information related to distributed denial of service (DDoS) attacks. Each DDoS element represents a separate attack recorded by our monitoring systems. The target of each attack is provided, along with attack details such as the location of the victim, the time of the attack, the duration, and (when available) details on the nature and strength of the attack.


SAMPLE BOTNET FAMILIES

Aldibot, Alina, Andromeda, BlackEnergy, DarkComet, Dirtjumper, Dridex, Illusion, JackPOS, Jedobot, Optima, Pony, Smoke, Solar, Umbra, and Vertexnet

OUR BARS FEED IS AVAILABLE ON AN ANNUAL SUBSCRIPTION BASIS

Our BARS feed includes a 30-day money-back guarantee.