Is your fridge sending spam? Not so fast

The security world lit up with news of the first instance of an Internet-connected appliance participating in a botnet. Our fears of Skynet made real had come to pass: not only was your fridge keeping your half-eaten tin of Spam cold, it was sending your e-mail account fresh digital spam at the same time.

One problem: the report appears to be based on incorrect assumptions.

Proofpoint, the security firm that published the report, said that the botnet was 100,000 machines strong and sent no more than 10 pieces of e-mail spam per IP address. However, Ars Technica noted that … Read more

The 404 1,365: Where we don't believe everything we read (podcast)

Leaked from today's 404 episode:

- CryptoLocker: a new virus that takes computers hostage, demands BitCoin for ransom.

- Square Cash lets anyone send money by e-mail -- for free.

- A dating site that finds love for the mentally ill.

- Amazon profits off books defending Holocaust denial, rape, incest, and bestiality.… Read more

Symantec takes on one of largest botnets in history

Symantec has seized part of the 1.9 million-computer strong ZeroAccess, one of the largest botnets in existence.

In a blog post Monday, the security firm said the ZeroAccess botnet is primarily used to deliver payloads to infected computers, which is aimed at two illegal, revenue-generating activities: click fraud and bitcoin mining.

One type of payload often associated with ZeroAccess is a click fraud Trojan. Once installed on a compromised computer, the Trojan downloads online advertisements and then generates artificial clicks, which can pay out dividends through pay-per-click (PPC) affiliate schemes. The bots running fraud operations generated around 42 false … Read more

Microsoft, feds disrupt massive Citadel botnet

Working with the Federal Bureau of Investigation, Microsoft on Wednesday moved to disrupt a massive cybercrime ring allegedly responsible for stealing online banking information and personal identities, leading to more than $500 million in losses.

In what the company described as its "most aggressive botnet operation to date," Microsoft acted on a court ordered civil seizure warrant from the U.S. District Court for the Western District of North Carolina to take down 1,462 Citadel botnets. The company wasn't able to shut down all of the botnets using the Citadel malware.

"However, we do expect … Read more

'Chameleon Botnet' takes $6-million-a-month in ad money

A newly discovered botnet has found a way to siphon cash from advertisers., a security researcher, yesterday announced that it has discovered a new botnet, called Chameleon, that's targeting "at least" 202 Web sites. The botnet is made up of over 120,000 host machines running Windows, according to Those machines are connecting to the Web with a Flash-friendly Trident-based browser that executes JavaScript. The vast majority of the machines -- 95 percent -- have come from U.S.-based IP addresses.

The botnets have targeted at least 202 Web sites, hitting them … Read more

Chameleon botnet steals $6M per month in click fraud scam

Security researchers say they have identified a botnet that steals more than $6 million per month by generating fake customer clicks on online display ads.

Dubbed Chameleon, the botnet has infected more than 120,000 Windows-based computers in the U.S., mimicking human behavior on select Web sites to generate billions of ad impressions and fraudulent income for its creators, according to security firm

Click fraud costs Web advertisers in lost revenue by making them pay for illegitimate clicks. reported that advertisers paid an average of 69 cents per one thousand impressions generated by the botnet. … Read more

Malware getting smarter, says McAfee

Malware continues to grow, not just in volume but in sophistication, according to a new report from McAfee.

Released today, the security vendor's fourth-quarter 2012 Threats Report found that more organizations are being targeted by more clever cyberattacks.

The number of trojans designed to steal passwords rose 72 percent last quarter. Some of these trojans are part of "customized" threats, while others are packaged with more "off-the-shelf" forms of malware. As one example, the Citadel trojan was specifically designed to hit financial services companies.

Operation High Roller and Project Bliztkrieg were also cited by McAfee … Read more

Microsoft, Symantec shutter another botnet

Microsoft and security software maker Symantec have revealed that they collaborated on the take-down of a botnet that had infected hundreds of thousands of computers.

By stopping the botnet, infected computers were reportedly unable to search the Internet. According to the story as first reported by Reuters, this is the first time that the companies which stopped the botnet directly warned people who had infected computers and offered them clean-up tools.

The botnet, called Bamital, is the sixth one that that Microsoft has received a court order to stop since 2010 and the second that it has worked with Symantec … Read more

U.S. is home to greatest number of botnet servers, says McAfee

The United States is responsible for the highest number of botnet servers in the world, according to new data from McAfee.

A map and a list of major countries posted by McAfee yesterday show the greatest concentration of botnet servers to be in the U.S., with 631. That's more than two and a half times higher than the second country on the list -- the British Virgin Islands with 237.

The Netherlands took third place with 154 servers, followed by Russia with 125, Germany with 95, and Korea with 81. Among the Top 10, Canada fared the best … Read more

Facebook helps FBI take down $850M botnet crime ring

Facebook helped the FBI take down an international crime ring that used a botnet to infect 11 million computers and steal more than $850 million, one of the largest cybercrime hauls in history.

The FBI announced today that with the social-networking giant's assistance, it had arrested 10 people from countries around the world who it said used the Yahos malware and Butterfly botnet to steal victims' credit card, bank account, and personal information.

"Facebook's security team provided assistance to law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by … Read more