FIESTA botnet dominance at Vietnam and India

Recently found one of the believed is FIESTA control panel kits showed the victims mainly from Vietnam and India, although the scale of infected systems small compare to other Zeus, Rustock and etc. Strongly believed that this control panel kits just tip of iceberg within "botnet" families.



From figure 1, I can make summarized that XP "SP1" are dominance of the victims systems compare to Vista, SP2, 2k and 2k3. There have not surprising that lots of internet users are using SP1 although SP2 and SP3 released few years ago.

Among the infected systems, Firefox browser lead among other browsers used to surf internet.



Figure 2 showed list of the possible"Luckysploits" exploits attempts on victims systems, consist of COM, MDAC, XML Parsing, Snapshot, WFI, PDF, VML2, FF behavior and NCT.

The downloaded executable file gain minor rate from Virustotal, and ThreatExpert reports can be review at http://www.threatexpert.com/report.aspx?md5=0095da1c241cb9056b67425dab3d7283