A young malware developer used the same Skype ID for applying for jobs and advertising their internet of things (IoT) botnet.
‘DaddyL33T’ is a 13- year old malware developer. Going by the nickname of DaddyL33T, this malware dev is the individual behind the DaddyHackingTeam portal, the home of a future soon-to-be-launched botnet control panel. They maintain an active profile under the name “DaddyPvP” on the HackForums security technology platform. In one of his posts to the site, the padawan of poisonous software requests helps to scan a Qbot botnet.
The service is under development, the crook’s website newly houses several repositories containing the source code of various malware families leaked or cracked during the past few years. DaddyL33t wouldn’t be a real hacker if he also didn’t have a HackForums profile. His account is registered under the name of DaddyPvP, and in most of his post he’s either asking for help or peddling registered under the name of DaddyPvP, and in most of his posts he is either asking for help or peddling his botnet.
While most wannabe hackers asking for help on HackForums are harmless, DaddyL33t’s appears to have some technical skills or at least the bare minimum to put out a fully functional botnet.
Ankit Anubhav, a Principal Researcher at the NewSky Security, has stalked down DaddyL33t’s botnet, which appears to be a modified version of the QBot botnet. On HackForums, DaddyL33t has asked fellow users for help with various QBot issues.
The researchers say DaddyL33t’s botnet recover binary files used during the infection process from the DaddyHackingTeam portal.
Anubhav had a private Skype conversation with the malware developer, says DaddyL33t’s admit that his botnet only managed to infect around 300 devices, a very small number when compared to other IoT botnets.
Anubhab says that after analyzing QBot samples, he found many similarities with the Gr1n IoT malware, also used for the making of IoT botnets.
Opposed by the researcher about his criminal deeds, the young hacker boldly claimed he was immune because he was a juvenile, taking advantage of the fact that law enforcement agencies won’t always seek charges against minors.
Anubhab said “What concerns me is that with a bit of copy-paste of available code, a kid of age 13 can start a botnet. Such people should be encouraged more towards the white-hat side, and we must also include ethics 101 to mentor our young programmers. Anubhab added “His work is simple but given if he is 13, it’s really impressive. Sadly in the wrong direction”.