The so-called Iranian Cyber Army, a group of hackers with alleged links to Iran’s Revolutionary Guards, is reportedly getting into the botnet business.
The group, which hacked Twitter and Chinese search engine Baidu last year, has been offering its services on the cyber black market by renting access to its botnet, PCWorld reports. Last month, the group took credit for a cyber attack on TechCrunch’s European website.
Researchers at Seculert traced the malicious server behind those attacks and discovered the Iranian Cyber Army may also be running a botnet. They found an administration interface where those who want to rent the botnet can describe the machines they would like to infect and upload their own malware for distribution by the botnet, according to Seculert’s Research Labs.
The Iranian Cyber Army is believed to be behind the botnet because the administration panel showed the same email address (Iranian.firstname.lastname@example.org) associated with the Twitter and Baidu defacement attacks. Additionally, a page showing statistics on the number of infected computers contained the group’s name in its HTML source code, according to screenshots posted by Seculert.