By JOHN MARKOFF
The New York Times
August 5, 2008
A criminal gang is using software tools normally reserved for computer
network administrators to infect thousands of PCs in corporate and
government networks with programs that steal passwords and other
information, a security researcher has found.
The new form of attack indicates that little progress has been made in
defusing the threat of botnets, networks of infected computers that
criminals use to send spam, steal passwords and do other forms of
damage, according to computer security investigators.
Several security experts say that although attacks against network
administrators are not new, the systematic use of administrative
software to spread malicious software has not been widely seen until
The gang was identified publicly in May by Joe Stewart, director of
malware research at SecureWorks, a computer security firm in Atlanta.
Mr. Stewart, who has determined that the gang is based in Russia, was
able to locate a central program controlling as many as 100,000 infected
computers across the Internet. The program was running at a commercial
Internet hosting computer center in Wisconsin.
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com