Botnet takedown may yield valuable data

By Jeremy Kirk
IDG News Service
September 2, 2010

Researchers are hoping to gain better insight into botnets after taking 
down part of Pushdo, one of the top five networks of hacked computers 
responsible for most of the world's spam.

Thorsten Holz, an assistant professor of computer science at 
Ruhr-University in Bochum, Germany, said his group is working on an 
academic paper focused on methods to figure out what type of malicious 
spamming software is on a computer that sent a particular spam e-mail.

They looked at several of the major spamming botnets, including Mega-D, 
Lethic and Rustock, as well as Pushdo and Cutwail, two kinds of malware 
that appear to sometimes work together as part of the same botnet.

Holz said they found that Pushdo had a special characteristic in that 
more than half of its command-and-control servers were concentrated 
within one hosting company. Botnets use command-and-control servers to 
issue instructions to infected PCs, such as uploading spam templates 
and the target e-mail addresses for sending spam.


