
Botnets

Find and Remove SpyEye Banking Trojan

by Shanmuga

The SpyEye banking trojan first appeared about a year ago as a competitor to what was until then known as the king of all bots, Zeus/Zbot. Security researchers believe that both bots have now joined hands to prey upon online banking users worldwide.

Read the full article →

ZeuS on the Hunt

by Shanmuga

"One of the most prolific threats to be found on computers around the world is the ZeuS Trojan. ZeuS became one of the most widespread and top-selling spyware programs on the Internet’s black market because using it to steal online data is so easy. The Trojan helps cybercriminals gain access to everything that the user […]

Read the full article →

The botnet ecosystem

by Shanmuga

"Botnets are networks of computers infected by malicious programs called bots. Bots allow cybercriminals to take control of a compromised machine and use its resources for their own goals – distributing spam, launching DDoS attacks, scams etc. Since the advent of botnets, the number of cybercrimes has increased enormously. However, botnets are not just a tool […]

Read the full article →

Security researchers continue hunt for Conficker authors

by Shanmuga

"There are several ongoing investigations attempting to find the authors of the Conficker botnet, one of the fastest spreading worms in history, but those responsible for the worm have proven elusive. Security expert Mikko Hyppönen, chief research officer at F-Secure Corp., said he is aware of several ongoing investigations, but was asked specifically not to […]

Read the full article →

Amazon EC2 Used as Botnet Command and Control

by Shanmuga

"Trend Micro released a report Dec. 9 highlighting what it expects to see as far as security threats in 2010. Among the more interesting predictions — attacks on cloud infrastructures will increase. Almost as if on cue, a report surfaced the same day that the Zeus Trojan was observed abusing the Amazon EC2 (Elastic Compute […]

Read the full article →

The Root of the Botnet Epidemic

by Shanmuga

"Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it […]

Read the full article →

3 Basic Steps to Avoid Joining a Botnet

by Shanmuga

"Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can […]

Read the full article →

How a Botnet Gets Its Name

by Shanmuga

"Because the security industry lacks a uniform way to title botnets, the result is sometimes a long list of names for the same botnet that are used by different antivirus vendors and that can be confusing to customers. As it stands now, the infamous Conficker is also known as Downup, Downadup and Kido. The Srizbi […]

Read the full article →

Is your PC part of a Zombie Botnet? Check now!

by Shanmuga

Bots, Botnets and Botmaster: A malicious bot, short for RoBOT, or a zombie, is a computer that allows someone other than the actual owner to gain complete control over it. The attacker takes control of the target computer by infecting it with malicious code designed for the purpose. A virtual network of such compromised […]

Read the full article →

Defying Experts, Rogue Computer Code Still Lurks

by Shanmuga

"Like a ghost ship, a rogue software program that glided onto the Internet last November has confounded the efforts of top security experts to eradicate the program and trace its origins and purpose, exposing serious weaknesses in the world’s digital infrastructure.

Read the full article →

Botnets: 4 Reasons It’s Getting Harder to Find and Fight Them

by Shanmuga

"The perpetual proliferation of botnets is hardly surprising when one considers just how easy it is for the bad guys to hijack computers without tipping off the users. Botnets have long used a variety of configurations, in part to disguise their control mechanisms.

Read the full article →

Inside BBC’s Chimera botnet

by Shanmuga

"the controversial BBC purchase of a botnet and modifying the infected hosts in the name of “public interest” sparked a lot of debate on the pros and cons of their action. Condemned by certain security vendors, and naturally, at least from guerrilla PR perspective, applauded and encouraged as an awareness raising tactic by others, the […]

Read the full article →

Conficker and April 1st: Q and A

by Shanmuga

"Q: I heard something really bad is going to happen on the Internet on April 1st! Will it? A: No, not really. Q: Seriously, the Conficker worm is going to do something bad on April 1st, right? A: The Conficker aka Downadup worm is going to change its operation a bit, but that’s unlikely […]

Read the full article →

Conficker Removal Instructions and Tools

by Shanmuga

This week the SANS Internet Storm Center updated its page on mitigating Conficker. It provides links to Conficker removal instructions from Microsoft, Kaspersky, BitDefender, TrendMicro and Sophos, and to Conficker removal tools from Microsoft MSRT, F-Secure, AhnLab, Symantec, McAfee, ESET, BitDefender, Kaspersky and Sophos.

Read the full article →

Conficker.C primed for April Fool’s activation

by Shanmuga

"CA (formerly Computer Associates) has published an extensive guide to Conficker.C, which includes information on its attack vectors, behavioral analysis, and how to tell if the "C" variant of Conficker is running on your system. This last part could pose a challenge—unlike previous versions, C adopts what DeBolt refers to as a "defensive stance" and […]

Read the full article →

Is Your PC Part of a Botnet?

by Shanmuga

"So how can you tell if your machine is part of a botnet and what can you do about it? Statistically, Macs are safe from botnets, although not completely immune to all threats as we noted here. But if you have a Windows-based machine, Prevx suggests you stay on the lookout for an Internet […]

Read the full article →

BBC team buys a botnet, DDoSes security company Prevx

by Shanmuga

"In a bit of an awkward and highly unnecessary move, a team at the BBC’s technology program Click has purchased a botnet consisting of 22,000 malware-infected PCs, self-spammed themselves on a Gmail account, and later on DDoS-ed a backup site owned by security company Prevx (with prior agreement), all for the sake of […]

Read the full article →

Researchers Hijack Storm Worm to Track Profits

by Shanmuga

"A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam.

Read the full article →

Bots exploiting Microsoft’s latest RPC flaw

by Shanmuga

"Several antivirus vendors are reporting on Monday a new round of exploitation of Microsoft’s out-of-cycle security bulletin last month. The flaw in MS08-067, which affects how remote procedure calls (RPC) are handled in the Windows Server Service, has the potential to become a fast-spreading worm, according to Microsoft. But experts predict any exploitation will be […]

Read the full article →

Is Rock Phish cybergang set for a comeback?

by Shanmuga

"“Rock Phish is making an investment in their own infrastructure by upgrading their botnet,” says Sean Brady, product marketing manager at RSA. RSA, whose FraudAction Research Lab has posted a blog item on the topic, says the end result could be a surge in phishing attacks in the near future.

Read the full article →

Rustock and Srizbi botnets share a common trojan

by Shanmuga

"Two of the world’s largest and most prolific spamming botnets have been spotted sharing a common bot malware-delivery method. But whether that means that the operators of the rival Rustock and Srizbi botnets are actually in cahoots is unclear, security researchers say.

Read the full article →

Security: New BotSniffer better able to detect foul stench of botnets

by Shanmuga

"Researchers at Georgia Tech have published a paper on BotSniffer—a program they’ve designed to detect and disable botnets. Botsniffer is not the only bot-detection program available, but the Georgia Tech research team believes that the program’s approach to the botnet issue results in a better correlation rate and a lower number of false positives.

Read the full article →

Security: Limelight kills botnets better than cops do

by Shanmuga

"Botnet operators have become public enemy number-one as consumers, businesses and governments fall foul to identity theft, DDoS attacks and spam. Yet no one appears to be able to stop the spread of bots — except maybe the media.

Read the full article →