Gov systems found on 1.9m zombie botnet - Techist - Tech Forum

04-22-2009, 08:00 AM   #1 (permalink)
Osiris
Techie Beyond Description
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817

Gov systems found on 1.9m zombie botnet

Government and corporate Windows PCs were among the ranks of a 1.9 million botnet recently discovered by net security firm Finjan.
Finjan security researchers discovered the control server of the botnet after tracing back an infection from a corporate client. Evidence on the cybercrime server, which was hosted in the Ukraine, showed it had been in use since February 2009, and controlled by a cybergang of six people.


Trojan downloader malware planted on insecure websites was used to distribute the malware that seeded the botnet, via drive-by download attacks. The core group of cybercrooks were assisted by a vast affiliate network.

Yuval Ben-Itzhak, chief technology officer at Finjan, said the malware that created the botnet used a variety of Internet Explorer, Firefox and PDF vulnerabilities to spread. He added that only four out of 39 anti-virus scanners detected the malware.
Ben-Itzhak told El Reg that the cybercrooks behind the botnet made their money by auctioning off access to compromised machines through underground forums, typically charging $100 for 1,000 machines. The miscreants almost made money from selling data looted from compromised machines, he added.
The cybercrooks collectively compromised computers in 77 government-owned domains (.gov) from the UK, US and various other countries.
The malware that featured in the attack allowed hackers complete control of compromised PCs, nearly all of which were running Windows XP. A variety of malicious actions, from reading emails to copying files, keystroke logging, and spam distribution were all possible.
Since discovering the botnet, Finjan has supplied information on the server to UK and US law enforcement agencies. The command server is now out of commission. Finjan has informed affected corporate and government agencies about infected computer names, in a move that will hopefully result in a clean-up operation.
Screenshots taken from the command and control server, and more discussion on the superbotnet can be found on Finjan’s blog here.

Gov systems found on 1.9m zombie botnet - The Register