AOH :: IS2014.HTM

Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs




Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs
Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs



http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=217000166 

By Kelly Jackson Higgins
DarkReading
April 22, 2009 

Researchers have discovered a major botnet operating out of the Ukraine 
that has infected 1.9 million machines, including large corporate and 
government PCs mainly in the U.S.

The botnet, which appears to be larger than the infamous Storm botnet 
was in its heyday, has infected machines from some 77 government-owned 
domains -- 51 of which are U.S. government ones, according to Ophir 
Shalitin, marketing director of Finjan, which recently found the botnet. 
Shalitin says the botnet is controlled by six individuals and is hosted 
in Ukraine.

Aside from its massive size and scope, what is also striking about the 
botnet is what its malware can do to an infected machine. The malware 
lets an attacker read the victim's email, communicate via HTTP in the 
botnet, inject code into other processes, visit Websites without the 
user knowing, and register as a background service on the infected 
machine, for instance. The bots communicate with their command and 
control systems via HTTP.

Botnet expert Joe Stewart says it appears to be similar to other 
downloader-type botnets. "It looks a lot like other downloader bots out 
there," says Stewart, director of malware research for SecureWorks. "It 
has a system for installing other malware and getting paid for it. The 
first stage is to get the bot piece onto the machine, and then they get 
paid to install other malware."

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information 



Site design & layout copyright © 1986-2014 CodeGods