Insights From the Analysis of the Mariposa Botnet
Source: Concordia University
Botnets are among the top network threats because they combine innovative hacking capabilities and are constantly improved by hackers to become more resilient against detection and debugging techniques. The authors analyze one of the most prominent botnets, Mariposa, which infected more than 13 million computers located in more than 190 countries. They analyze the botnet's architecture, components, commands and communication, and detail the obfuscation and anti-debugging techniques it uses. They also detail its infection techniques and the way it injects code into legitimate processes.