Palevo (also known as Rimecud, Butterfly bot or Pilleuz) made some big press in 2009 when Panda Security announced the coordinated takedown of a huge botnet that they called Mariposa.
Palevo is a so called bot kit that is being sold in underground forums (like ZeuS) using the name BUtterFly BOT. Therefore there are dozens of different botnets out there run by different criminal groups.
As outlined above, Palevo is a huge threat for corporate- and home networks. Due to the fact that it is spread widely and most people are not aware of the problem I have decided to create Palevo Tracker. My goals are:
- Get some attention on the Palevo threat
- Provide a blocklist for well known Palevo C&Cs to the internet community
- Provide details regarding Palevo C&Cs to ISPs, CERTs and Law Enforcement
- Keep the project smart and simple as possible
To keep it simple I’ve created Palevo Tracker as sub-project on AMaDa. This means that the Palevo Tracker blocklist is included in the AMaDa C&C Blocklist.