DoJ and FBI now issuing command to botnet malware

April 21, 2011 By 65 Comments

Looks like the FBI is starting to get pretty serious about fighting malware. Traditionally they have attacked the servers that activate and control botnets made up of infected computers. This time they’re going much further by taking control of and issuing commands to the botnets. In this instance it’s a nasty little bug called Coreflood, and they’ve been given … Read the rest

Filed Under: security hacks Tagged With: , , , ,

Twitter as a botnet command center

August 26, 2009 By 7 Comments

twitter_botnet

The folks over at Arbor Networks were browsing Twitter and discovered something very strange: a Twitter account seemingly posting gibberish. At least, that’s how it appeared at first. Upon closer investigation, they discovered that the profile was posting base64 encoded links to PKZIP archives. When they extracted the contents and unpacked the contained DLL and EXE files, they discovered that … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , ,

Malware posing as Change.gov

January 17, 2009 By 13 Comments

change

PandaLabs has identified a botnet running a malware campaign impersonating president-elect Obama’s website. The front page of the site features a sensational story titled “Barack Obama has refused to be a president”. Clicking the link will download the malware and make the target’s machine part of the botnet. They’re using fast-flux to assign the malicious domains to the massive … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , ,

Dismantling the Storm Worm botnet

January 16, 2009 By 24 Comments

malware

Zero Day has an interview with German researchers who have found a way to take down the Storm Worm botnet. Their program, Stormfucker, takes advantage of flaws in Storm’s command network: Nodes that are NAT‘d only use a four-byte XOR challenge. Nodes that aren’t NAT’d are only using a trivial 64bit RSA signature. Their solution can clean … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , , ,

Company shutdown causes 2/3rds drop in all spam

November 12, 2008 By 26 Comments

The Washington Post is reporting that the shutdown of one hosting company has caused the total volume of spam to drop by 2/3rds. The company in question is McColo Corp. Both Hurricane Electric and Global Crossing pulled the plug today after a damning report revealed a number of illegal activities happening on McColo’s servers. McColo already had a reputation … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , ,

Botnet attack via P2P software

June 29, 2008 By 7 Comments


P2P networks have long been a legal gray area, used for various spam schemes, illegal filesharing, and lots and lots of adware. Last year, though, the first botnet created by a worm distributed via P2P software surfaced, the work of 19-year-old [Jason Michael Milmont] of Cheyenne, Wyoming, who distributed his Nugache Worm by offering free downloads of the P2P app … Read the rest

Filed Under: news Tagged With: , , , , , , , , , , ,