This thread is for discussion of the bot. Post questions, comments and other shits.
Pricing:
Basic Package: 350 USD
^ ^ Includes all modules minus VNC and Google Chrome Formgrabber
Elite Package: 500 USD
^ ^ All features + updates
Rebuilds: 25 USD
[align=center]Ω Omega Bot[/align]
Programmed By: -Prime- Supported & Marketed by : Petr & Hype
Ω Omega Bot About:[/color]
New Generation Malware, Omega Bot programmed using C++ & inline Assembly. Omega Bot is the revolutionary malware which has been coded for long time now. Omega Bot is close to hitting the market. This project cost me hundreds upon hundreds of hours of work, no matter how the day was, Warm & Sunny or Cold & Raining. I always had time for Omega Bot. I have included the most diverse features in Omega Bot. I present to you Omega HTTP Bot.
Ω Omega Bot Development/ Features:
-x86 Ring0 Rootkit (XP Only): ✓ Completed
Filters out vital data from the Windows Kernel, to SPOILER\deny\protect important Bot data. It will also escalate the Bot's Privileges for obvious reasons. It will effectively hinder removal of Omega Bot. Ring0 Rootkit will also act as a persistence module of the bot.
The Ring0 Rootkit will be extended in future versions. These extensions include wider compatibility rates & bug fixes.
-Formgrabber: ✓ Completed
Captures vital website forms. Incredibly sophisticated formgrabber works on:
[ + ] Internet Explorer version 10 and 11 beta
[ + ] Mozilla Firefox version 22.0
**Google Chrome FG is being built and is at 50% completion
Note
he Google Chrome formgrabber could be removed from the Bot, because at the current state, there is very slim chances it will be in commercial condition. Therefore it COULD be removed.
This formgrabber avoids interruption of 3rd Party Formgrabber while working successfully and smoothly.
-x86 Ring3 Rootkit(User Kit): ✓ Completed
Intercepts and modifies all NT System Calls on x86 PC(s)in order to SPOILER\protect\deny access to all the Bots vital files\processes\network activity\registry and other Bot's related objects . It makes it a nightmare to remove this malware from the system even for a Experienced User also applying for 3rd Party Bot's. Works for x86 PC's only.
-x64 Ring3 Rootkit(User Kit): ✓ Completed
Intercepts and modifies all NT System Calls on x64 PC(s) in order to completely SPOILER\protect\deny access to all the Bots vital files\processes\network activity\registry and other Bot's related objects . It makes it a nightmare to remove this malware from the system even for a Experienced User the same applies for 3rd Party Bots. Works for x64 PC's only.
Omega Bot is one of very few Malwares, which have this functionality implemented into them.
-Anti-Botkiller: ✓ Completed
Omega Bot protects itself from the most advanced Malwares.
Unhook other Bots rootkit, while preserving it's own hooked functions integrity.
Advanced Persistent behavior, if in a condition the Bot's Processes , Registry , Files or other Bot's Objects get disturbed ever so slightly it will restart it and replace all the disturbed objects.
Apart from these features the Bot is capable of hindering installation procedure of other Bots.
Anti-Botkiller will also block other Bots from running as well therefore removing chances of Omega Bot being killed during run-time.
-Bot killer: ✓ Completed
Unleashes its sophisticated proactive scanning on system. Omega Bot uses heuristic scanning, any suspicious files will be crippled and deleted. This Bot killer unlike most others manages to defend against injection into other processes thus reducing the chances of Omega Bot being less superior. All major Malware will be detected and deleted. Bot killer also has a new feature dubbed "Shield Light".
This feature will be discussed & explained further, upon release.
Can kill the following:
Zeus 2.0.x.x ✓ Completed
SpyEye 1.x ✓ Completed
WebCrab ✓ Completed
Citadel 1.3.5.1 ✓ Completed
ICE IX 1.2.6 ✓ Completed
Smoke Loader ✓ Completed
Andromeda ✓ Completed
BetaBot ✓ Completed
Pony ✓ Completed
NetWire ✓ Completed
All Stealers ✓ Completed
All RATs ✓ Completed
-Local File Spread: ✖ Under Development
Binds to all local File(s) available thus increasing the chances of infection on other hosts. Do be advised that enabling this for long periods of time will result in detection.
-P2P Network Spread: ✓ Completed
Spreads through the use of known P2P applications. Using this feature enables faster spreading resulting in increase in Botnet. Do be advised that enabling this for long periods of time will result in detection. P2P programs include but not limited to: DXG, FrostWire, and more!
Anti-Debug Techniques: ✓ Completed
Omega Bot takes the advantage of multiple anti-debug and other anti's techniques. This protects the code of the Bot from being exposed. The highest standard Debugger available on the market cannot manage to debug this Bot. Few examples of Debugger(s) bypassed successfully:
Ollydbg
IDA pro
Immunity Debugger
Many More!
-Multiple DDOS methods: ✓ Completed
Uses strong multiple DDOS attack vectors in order to flood a server. More DDOS vectors are still under development and more are to be added in near future.
Methods of DDOS UNTIL now:
UDP
HTTP GET
HTTP POST
Rapid Connect\Disconnect
ICMP
Slowloris
SYN
We are thinking about turning the DDoS module into a plugin to keep the server size small.
-Anti-Virus Bypass: ✓ Completed
Omega Bot bypasses almost all security Applications, using custom bypasses. It bypasses the sandbox with ease.
During Development this became a needed feature to bypass the most diverse AV available on market. Instead of killing a AV we decided to try bypass the whole AV itself. This was like sailing in storm but managed to go through:
Complete AV bypass:
ArcaVir
Avast! ✓ Completed
AVG ✓ Completed
Avira ✓ Completed
BullGuard ✓ Completed
Emsisoft Anti-Malware ✓ Completed
ESET NOD32 ✓ Completed
K7 AntiVirus ✓ Completed
Kaspersky AV/IS ✓ Completed
Lavasoft Adaware AV ✓ Completed
MalwareBytes Anti-Malware ✓ Completed
McAfee ✓ Completed
Microsoft Security Essentials ✓ Completed
Norman AntiVirus ✓ Completed
Norton AntiVirus ✓ Completed
Outpost Firewall Pro ✓ Completed
Panda AV/IS ✓ Completed
Panda Cloud AV ✓ Completed
PC Tools AntiVirus ✓ Completed
Rising AV/IS ✓ Completed
Sophos Endpoint AntiVirus ✓ Completed
Total Defense ✓ Completed
Total Defense ✓ Completed
Vipre ✓ Completed
Webroot SecureAnywhere AV ✓ Completed
Windows Defender ✓ Completed
ZoneAlarm IS ✓ Completed
During few minor test runs we also found out Online Scanning Websites such as VirusTotal is unable to scan the Bot.
This feature, will surely increase the chances of infection.
-Ruskill: ✓ Completed
Omega Bot has the ability to quarantine any specific program\application in a restricted environment. After the program finishes executing it will restore the environment back. I also incorporated a "Queuing" feature which allows a large amount of files to be in a queue allowing large amount of ruskilling with time-keeping.
-Live Stealers: ✖ Under Development
Steals various FTP details from a large list of FTP clients, the stealing happens as it is happening live.
After stealing process happens it will export the details to Panel.
-DNS redirector\blocker: ✖ Under Development
A standard method via hooking DNS related functions in order to redirect or block websites. Websites to be blocked or redirected can be added via Panel.
This feature can only be able to redirect and Block up to 500 domain. The limit can be increased but there are chances that it can cause unknown bugs to be caused during Run-Time.
-Polymorphic: ✖ Under Development
A method to try evade AV via encryption with variable keys and Compression. This will be edited a bit more to make this feature more perfect. This is still under development and yet to be tested. This is not promised to be included in final product. I will of course replace this if taken out with something else.
-Bot Spam: ✖ Under Development
Omega Bot has a Mass Spam functionality. It will spam all the contact list with a localized message with a the Bot attached, it will use social-engineering techniques to trick the recipient into executing the Bot. The Attacker can target individual email address to spam as well.
Star Features:
x86 Ring0 (XP Only) Rootkit
Sophisticated AV bypass methods
Dual Architecture User-mode Rootkit (x64 and x86)
Powerful Botkiller
Superior Anti-Botkiller
Multiple Automated Spreading Techniques
IE, FF, and soon Chrome Formgrabber
Powerful DDoS methods
Ω Omega Bot New-Generation Feature:
-Bot-To-Bot File Sharing System: ✓ Completed
Using Peer-To-Peer technology to create a Private Global File Sharing network. It is one of the first to use this feature. The larger the Botnet the bigger your File Sharing network. This will not only come use for monetizing but also for personal reasons.
-Custom Module Scripting Language: ✓ Completed
A New-Generation Bot feature which allows you to write your own Modules for the Bot. This allows new features to be added during the Run-Time. This feature is sure to revolutionize MalWare. Now, rather than everyone having same Bots with exact same superiority, you can gain advantage over your competitors via adding new modules. This allows the Bot to be limitless. This idea has been thought out and we already created a Developer Tool for Omega Bot. You can create any thing to System Wide Root-kit to SPOILER different objects or even a Sandbox or P2P network. All the Custom modules are interpreted rather as it is it's own scripting language. After they have been interpreted they are executed directly from memory space of another process.
Ω Omega Bot Future Features:
-VNC:
Connect back to your installs and take control of their computer.
-฿ Bitcoin Miner:
This feature could be released in future version(s), instead of buying the Bitcoin Miners from 3rd party sellers you can get a built in one.
-Ł Litecoin Miner:
This feature could be released in future version(s), instead of buying the Litecoin Miners from 3rd party sellers you can get a built in one.
-SOCKS5 Server:
To turn your bots into socks5 proxies.
-USB LNK Spread:
Currently being decided upon, USB LNK spread uses LNK file swap techniques in order to infect USB devices.
Ω Omega Bot General Project Information:
The project Omega Bot was programmed in Visual Studio 2010 Ultimate using Inline Assembly via the help of MASM. Therefore you can expect the Bot to increase the quality over-time unlike other Malware Developer(s), once a bug is fixed we will supply you with the fixes for free without any additional cost(s).
Our marketing strategy is to make the Bot cheap on the long-run. Majority of the Bot-masters tend to control Botnets for years to come before they "retire". Therefore I believe that making it cheap in long-run is more beneficial to you!
3rd Party Credits:
MSDN Library: Provided vital documentation, for some of the functions used in this Bot
IDA Pro Debugger: Provided easy and powerful means to debug, to help find out MORE about undocumented functions.
PE explorer: Provided valuable detail and error checking means needed for few features included in the Bot.
DebugView: Assisted during development of few features listed on this Bot.
Ω Omega Bot Contact Detail's:
If you have any questions regarding this bot, feel free to message the support
-Hype :hypercodes@jabber.ru
-Petr Petr@jodo.im
Communication link:
As we said, HATE\FLAME mail will be deleted and user will be put on Ignore list. Once on our ignore list, it will be permanent; no one excluded.
That was our first and last warning.
Pricing:
Basic Package: 350 USD
^ ^ Includes all modules minus VNC and Google Chrome Formgrabber
Elite Package: 500 USD
^ ^ All features + updates
Rebuilds: 25 USD
[align=center]Ω Omega Bot[/align]
Programmed By: -Prime- Supported & Marketed by : Petr & Hype
Ω Omega Bot About:[/color]
New Generation Malware, Omega Bot programmed using C++ & inline Assembly. Omega Bot is the revolutionary malware which has been coded for long time now. Omega Bot is close to hitting the market. This project cost me hundreds upon hundreds of hours of work, no matter how the day was, Warm & Sunny or Cold & Raining. I always had time for Omega Bot. I have included the most diverse features in Omega Bot. I present to you Omega HTTP Bot.
Ω Omega Bot Development/ Features:
-x86 Ring0 Rootkit (XP Only): ✓ Completed
Filters out vital data from the Windows Kernel, to SPOILER\deny\protect important Bot data. It will also escalate the Bot's Privileges for obvious reasons. It will effectively hinder removal of Omega Bot. Ring0 Rootkit will also act as a persistence module of the bot.
The Ring0 Rootkit will be extended in future versions. These extensions include wider compatibility rates & bug fixes.
-Formgrabber: ✓ Completed
Captures vital website forms. Incredibly sophisticated formgrabber works on:
[ + ] Internet Explorer version 10 and 11 beta
[ + ] Mozilla Firefox version 22.0
**Google Chrome FG is being built and is at 50% completion
Note
he Google Chrome formgrabber could be removed from the Bot, because at the current state, there is very slim chances it will be in commercial condition. Therefore it COULD be removed.This formgrabber avoids interruption of 3rd Party Formgrabber while working successfully and smoothly.
-x86 Ring3 Rootkit(User Kit): ✓ Completed
Intercepts and modifies all NT System Calls on x86 PC(s)in order to SPOILER\protect\deny access to all the Bots vital files\processes\network activity\registry and other Bot's related objects . It makes it a nightmare to remove this malware from the system even for a Experienced User also applying for 3rd Party Bot's. Works for x86 PC's only.
-x64 Ring3 Rootkit(User Kit): ✓ Completed
Intercepts and modifies all NT System Calls on x64 PC(s) in order to completely SPOILER\protect\deny access to all the Bots vital files\processes\network activity\registry and other Bot's related objects . It makes it a nightmare to remove this malware from the system even for a Experienced User the same applies for 3rd Party Bots. Works for x64 PC's only.
Omega Bot is one of very few Malwares, which have this functionality implemented into them.
-Anti-Botkiller: ✓ Completed
Omega Bot protects itself from the most advanced Malwares.
Unhook other Bots rootkit, while preserving it's own hooked functions integrity.
Advanced Persistent behavior, if in a condition the Bot's Processes , Registry , Files or other Bot's Objects get disturbed ever so slightly it will restart it and replace all the disturbed objects.
Apart from these features the Bot is capable of hindering installation procedure of other Bots.
Anti-Botkiller will also block other Bots from running as well therefore removing chances of Omega Bot being killed during run-time.
-Bot killer: ✓ Completed
Unleashes its sophisticated proactive scanning on system. Omega Bot uses heuristic scanning, any suspicious files will be crippled and deleted. This Bot killer unlike most others manages to defend against injection into other processes thus reducing the chances of Omega Bot being less superior. All major Malware will be detected and deleted. Bot killer also has a new feature dubbed "Shield Light".
This feature will be discussed & explained further, upon release.
Can kill the following:
Zeus 2.0.x.x ✓ Completed
SpyEye 1.x ✓ Completed
WebCrab ✓ Completed
Citadel 1.3.5.1 ✓ Completed
ICE IX 1.2.6 ✓ Completed
Smoke Loader ✓ Completed
Andromeda ✓ Completed
BetaBot ✓ Completed
Pony ✓ Completed
NetWire ✓ Completed
All Stealers ✓ Completed
All RATs ✓ Completed
-Local File Spread: ✖ Under Development
Binds to all local File(s) available thus increasing the chances of infection on other hosts. Do be advised that enabling this for long periods of time will result in detection.
-P2P Network Spread: ✓ Completed
Spreads through the use of known P2P applications. Using this feature enables faster spreading resulting in increase in Botnet. Do be advised that enabling this for long periods of time will result in detection. P2P programs include but not limited to: DXG, FrostWire, and more!
Anti-Debug Techniques: ✓ Completed
Omega Bot takes the advantage of multiple anti-debug and other anti's techniques. This protects the code of the Bot from being exposed. The highest standard Debugger available on the market cannot manage to debug this Bot. Few examples of Debugger(s) bypassed successfully:
Ollydbg
IDA pro
Immunity Debugger
Many More!
-Multiple DDOS methods: ✓ Completed
Uses strong multiple DDOS attack vectors in order to flood a server. More DDOS vectors are still under development and more are to be added in near future.
Methods of DDOS UNTIL now:
UDP
HTTP GET
HTTP POST
Rapid Connect\Disconnect
ICMP
Slowloris
SYN
We are thinking about turning the DDoS module into a plugin to keep the server size small.
-Anti-Virus Bypass: ✓ Completed
Omega Bot bypasses almost all security Applications, using custom bypasses. It bypasses the sandbox with ease.
During Development this became a needed feature to bypass the most diverse AV available on market. Instead of killing a AV we decided to try bypass the whole AV itself. This was like sailing in storm but managed to go through:
Complete AV bypass:
ArcaVir
Avast! ✓ Completed
AVG ✓ Completed
Avira ✓ Completed
BullGuard ✓ Completed
Emsisoft Anti-Malware ✓ Completed
ESET NOD32 ✓ Completed
K7 AntiVirus ✓ Completed
Kaspersky AV/IS ✓ Completed
Lavasoft Adaware AV ✓ Completed
MalwareBytes Anti-Malware ✓ Completed
McAfee ✓ Completed
Microsoft Security Essentials ✓ Completed
Norman AntiVirus ✓ Completed
Norton AntiVirus ✓ Completed
Outpost Firewall Pro ✓ Completed
Panda AV/IS ✓ Completed
Panda Cloud AV ✓ Completed
PC Tools AntiVirus ✓ Completed
Rising AV/IS ✓ Completed
Sophos Endpoint AntiVirus ✓ Completed
Total Defense ✓ Completed
Total Defense ✓ Completed
Vipre ✓ Completed
Webroot SecureAnywhere AV ✓ Completed
Windows Defender ✓ Completed
ZoneAlarm IS ✓ Completed
During few minor test runs we also found out Online Scanning Websites such as VirusTotal is unable to scan the Bot.
This feature, will surely increase the chances of infection.
-Ruskill: ✓ Completed
Omega Bot has the ability to quarantine any specific program\application in a restricted environment. After the program finishes executing it will restore the environment back. I also incorporated a "Queuing" feature which allows a large amount of files to be in a queue allowing large amount of ruskilling with time-keeping.
-Live Stealers: ✖ Under Development
Steals various FTP details from a large list of FTP clients, the stealing happens as it is happening live.
After stealing process happens it will export the details to Panel.
-DNS redirector\blocker: ✖ Under Development
A standard method via hooking DNS related functions in order to redirect or block websites. Websites to be blocked or redirected can be added via Panel.
This feature can only be able to redirect and Block up to 500 domain. The limit can be increased but there are chances that it can cause unknown bugs to be caused during Run-Time.
-Polymorphic: ✖ Under Development
A method to try evade AV via encryption with variable keys and Compression. This will be edited a bit more to make this feature more perfect. This is still under development and yet to be tested. This is not promised to be included in final product. I will of course replace this if taken out with something else.
-Bot Spam: ✖ Under Development
Omega Bot has a Mass Spam functionality. It will spam all the contact list with a localized message with a the Bot attached, it will use social-engineering techniques to trick the recipient into executing the Bot. The Attacker can target individual email address to spam as well.
Star Features:
x86 Ring0 (XP Only) Rootkit
Sophisticated AV bypass methods
Dual Architecture User-mode Rootkit (x64 and x86)
Powerful Botkiller
Superior Anti-Botkiller
Multiple Automated Spreading Techniques
IE, FF, and soon Chrome Formgrabber
Powerful DDoS methods
Ω Omega Bot New-Generation Feature:
-Bot-To-Bot File Sharing System: ✓ Completed
Using Peer-To-Peer technology to create a Private Global File Sharing network. It is one of the first to use this feature. The larger the Botnet the bigger your File Sharing network. This will not only come use for monetizing but also for personal reasons.
-Custom Module Scripting Language: ✓ Completed
A New-Generation Bot feature which allows you to write your own Modules for the Bot. This allows new features to be added during the Run-Time. This feature is sure to revolutionize MalWare. Now, rather than everyone having same Bots with exact same superiority, you can gain advantage over your competitors via adding new modules. This allows the Bot to be limitless. This idea has been thought out and we already created a Developer Tool for Omega Bot. You can create any thing to System Wide Root-kit to SPOILER different objects or even a Sandbox or P2P network. All the Custom modules are interpreted rather as it is it's own scripting language. After they have been interpreted they are executed directly from memory space of another process.
Ω Omega Bot Future Features:
-VNC:
Connect back to your installs and take control of their computer.
-฿ Bitcoin Miner:
This feature could be released in future version(s), instead of buying the Bitcoin Miners from 3rd party sellers you can get a built in one.
-Ł Litecoin Miner:
This feature could be released in future version(s), instead of buying the Litecoin Miners from 3rd party sellers you can get a built in one.
-SOCKS5 Server:
To turn your bots into socks5 proxies.
-USB LNK Spread:
Currently being decided upon, USB LNK spread uses LNK file swap techniques in order to infect USB devices.
Ω Omega Bot General Project Information:
The project Omega Bot was programmed in Visual Studio 2010 Ultimate using Inline Assembly via the help of MASM. Therefore you can expect the Bot to increase the quality over-time unlike other Malware Developer(s), once a bug is fixed we will supply you with the fixes for free without any additional cost(s).
Our marketing strategy is to make the Bot cheap on the long-run. Majority of the Bot-masters tend to control Botnets for years to come before they "retire". Therefore I believe that making it cheap in long-run is more beneficial to you!
3rd Party Credits:
MSDN Library: Provided vital documentation, for some of the functions used in this Bot
IDA Pro Debugger: Provided easy and powerful means to debug, to help find out MORE about undocumented functions.
PE explorer: Provided valuable detail and error checking means needed for few features included in the Bot.
DebugView: Assisted during development of few features listed on this Bot.
Ω Omega Bot Contact Detail's:
If you have any questions regarding this bot, feel free to message the support
-Hype :hypercodes@jabber.ru
-Petr Petr@jodo.im
Communication link:
As we said, HATE\FLAME mail will be deleted and user will be put on Ignore list. Once on our ignore list, it will be permanent; no one excluded.
That was our first and last warning.
