botnets

Microsoft identifies two Zeus botnet crime ring suspects

Microsoft released the identities of two alleged members of the Zeus botnet crime ring, which used an estimated 13 million computers infected with the malware to steal more than $100 million.

The botnet operators used the software to show fake or modified Web sites when victims tried to use real banking sites, log their keystrokes to capture victims' identity information, and then use that information to steal money from victims' accounts.

The software giant announced today it had amended a complaint last week to add Yevhen Kulibaba and Yuriy Konovalenko as defendants. The pair is already serving time in the …

Facebook warns users of the end of the Internet via DNSChanger

Don't be alarmed if you open up your Facebook account and get a large warning message that says, "Your computer or network might be infected."

Facebook announced today that its security team has joined a consortium of computer security experts working to clean up malware called DNSChanger. As a result, the social network can now notify victims, who may have infected computers, and help them figure out how to rid their networks of the botnet. (See full warning below.)

"Facebook's Product Security Team is working constantly to protect users from malicious content and malware …

White House prepares to convene anti-botnet summit

The White House is planning to convene a cybersecurity summit Wednesday morning to discuss ways to counter botnets, which have emerged as the leading Internet security threat.

Industry representatives are planning to announce a nine-point plan that includes sharing more information about identifying botnets -- and how to help their customers remove the malware from their computers.

The forum, which will be closed to the press but Webcast on the White House Web site starting at 5:30 a.m. PT, will be hosted by Howard Schmidt, who said earlier this month he will retire after three years as cybersecurity …

Notorious Bredolab virus creator is sentenced to prison

The man who developed and then spread the Bredolab virus, which infected roughly 30 million computers worldwide, was sentenced to four years in prison by an Armenian district court yesterday, according to Wired.

Georgy Avanesov, a 27-year-old Russian citizen of Armenian descent, was first nabbed in 2010 after Dutch authorities took down a large Bredolab network made up of about 140 different infected computer servers. Shortly after this seizure, global spam levels fell by 12 percent.

Avanesov confessed that he developed the Bredolab malware in 2009 and made it available to others via computer servers in Holland and France, according …

Flashback the largest Mac malware threat yet, experts say

Unless you've been living under a rock for the past week, you've probably heard about Flashback, a piece of malware targeting users of Apple's Mac OS X that's now estimated to be quietly running on more than 600,000 machines around the world.

That number, which came from Russian antivirus company Dr. Web earlier this week, was confirmed today by security firm Kaspersky. More than 98 percent of the affected computers were running Mac OS X, the firm said.

That's certainly a big number, but how does it stack up to past threats?

"It'…

More than 600,000 Macs infected with Flashback botnet

More than half a million Macs are infected with the Flashback Trojan, a malware package designed to steal personal information, according to a Russian antivirus company.

The company -- Dr. Web -- originally reported today that 550,000 Macintosh computers were infected by the growing Mac botnet. But later in the day, Dr. Web malware analyst Sorokin Ivan announced on Twitter that the number of Macs infected with Flashback had increased to 600,000, with 274 of those based in Cupertino, Calif.

@mikko, at this moment botnet Flashback over 600k, include 274 bots from Cupertino and special for you Mikko …

110,000 PC-strong Kelihos botnet sidelined

A new version of the Kelihos spamming botnet has been sidelined by using the peer-to-peer distribution mechanism to basically hijack it, researchers announced today.

The botnet, which was used mostly to distribute spam for Canadian pharmaceutical firms but also stole bitcoin wallets containing virtual currency, was about three times larger than an earlier variant, according to CrowdStrike, the security firm that worked with Kaspersky, Dell SecureWorks, and Honeynet Project to shut down the botnet.

The researchers reverse-engineered the malware code and wrote their own software that rerouted infected computers to communicate with servers controlled by researchers and law enforcement rather …

The long arm of Microsoft tries taking down Zeus botnets

Microsoft and financial services organizations, with an escort of U.S. Marshals, seized command-and-control servers Friday to take down botnets allegedly used to steal more than $100 million using an estimated 13 million computers infected with the Zeus malware.

After raids in Scranton, Pa., and Lombard, Ill., "some of the worst known Zeus botnets were disrupted by Microsoft and our partners worldwide," Microsoft announced Sunday night in a post by Richard Domingues Boscovich, senior attorney with Microsoft's Digital Crimes Unit.

The defendants allegedly installed the Zeus malware and close relatives called Ice-IX and SpyEye onto victims' computers, …

FCC chairman calls on ISPs to help fight cyber attacks

Federal Communications Commission Chairman Julius Genachowski wants Internet service providers to work with government and security experts to adopt voluntary standards to protect consumers from cyber attacks.

On Wednesday, the chairman gave a speech in Washington, D.C., in which he discussed voluntary measures that ISPs and other technology companies could take to help protect the public from three major cyber threats: botnets, domain name fraud, and IP hijacking.

"Cyber attacks pose a critical threat to our economic future and national security," he said in his speech. "If you shut down the Internet, you'd shut down …

Spam continues to dip but malware marches merrily on

Spam may be down, but cybercriminals are keeping busy launching more sophisticated attacks (PDF), according to McAfee's latest Threats Report.

Looking at 2011's final quarter, McAfee found that spam hit its lowest level in years, especially across popular targets such as the U.K., Brazil, Argentina, and South Korea. But the U.S. and Germany saw their rates inch up slightly.

And though spam levels have declined overall, junk mail is still a clear danger because of the increase in spearphishing, or more targeted attacks. In years past, spammers sent their payloads to a slew of random addresses, …