Researchers uncover botnet of 1.9 million PCs
Friday, April 24, 2009
Web security researchers have discovered a botnet of 1.9 million malware-infected computers being operated from a server out of the Ukraine, a network security company said at this week's RSA Conference.
The cybercrime server has been running since February 2009 and is controlled by a cybergang of 6 people. The cybercriminals' malware has compromised computers in 77 government-owned domains (.gov) from the US, UK and various other countries, as well as corporate and private PCs.
Researchers said the malware is enables the cybercriminals to execute almost any command on the end-user computer such as: reading emails, copying files, recording keystrokes, sending spam, making screenshots and so on.
Some of the files downloaded onto infected PCs include SENEKA(removed).DLL and Zch(Removed).exe that can read email addresses and other details from the infected computer, communicate with other computers using HTTP protocol or visit websites without the user's consent, according to eWeek.
The malware spreads to PCs running the Windows XP operating system. At least 45 percent of the zombie PCs are located in the U.S. and 6 percent in the UK, researchers said. About 38 percent of the infected PCs could not be traced to their geo-location.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
