Malware posing as Change.gov

January 17, 2009 By 13 Comments

change

PandaLabs has identified a botnet running a malware campaign impersonating president-elect Obama’s website. The front page of the site features a sensational story titled “Barack Obama has refused to be a president”. Clicking the link will download the malware and make the target’s machine part of the botnet. They’re using fast-flux to assign the malicious domains to the massive … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , ,

Dismantling the Storm Worm botnet

January 16, 2009 By 24 Comments

malware

Zero Day has an interview with German researchers who have found a way to take down the Storm Worm botnet. Their program, Stormfucker, takes advantage of flaws in Storm’s command network: Nodes that are NAT‘d only use a four-byte XOR challenge. Nodes that aren’t NAT’d are only using a trivial 64bit RSA signature. Their solution can clean … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , , ,