Finjan uncovers one of world's largest botnets

22 April 2009

Finjan has uncovered what appears to be one of the largest bot networks controlled by a single cybercrime gang, with 1.9 million infected zombie computers forming the swarm.

The business internet security vendor says that the botnet has been operational since February.

Hosted in Ukraine, the swarm is reportedly being controlled by a gang of six people who are instructing infected Windows XP-based machines to copy files, record keystrokes, send spam, and take screenshots.

Reports suggest that the Ukrainian gang has compromised computers in 77 government-owned domains around the world, although around half of the infected PCs are located in the US.

According to Finjan, almost 80% of infected systems are running Internet Explorer, while 15% are using Mozilla Firefox.

Since the discovery, the company says it has provided UK and US law enforcement with information about the botnet server.

Yuval Ben-Itzhak, Finjan's chief technology officer, says that, as the company predicted at the end of last year, cybercriminals keep on looking for improved methods to distribute their malware, and Trojans are winning the race.

The sophistication of the malware and the staggering number of infected computers prove that cybergangs are raising the bar, he says, adding that, as big money drives today's cybercrime activities, organisations and corporations need to protect their valuable data to prevent theft by these kinds of sophisticated cyberattacks.

Screenshots and examples taken from the command and control server can be found on Finjan's MCRC blog post here.

 

 
