The DDoS malware families we analyzed for this study
all had a similar architecture which can also be found in
malware kits for other purposes (e.g., banking Trojans or
password stealers like ZeuS and SpyEye). The command
and control part is provided as a so-called panel, a webfrontend
that can be installed on common webserver configurations
using the server-side scripting language PHP
and a database (typically MySQL).