Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Rustock and Srizbi botnets share a common trojan

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg | del.icio.us

"Two of the world’s largest and most prolific spamming botnets have been spotted sharing a common bot malware-delivery method. But whether that means that the operators of the rival Rustock and Srizbi botnets are actually in cahoots is unclear, security researchers say.

Rustock, which recently edged Srizbi for the top slot as the biggest spammer mostly due to a wave of fake Olympics and CNN news spam, and Srizbi, known for fake video and DVD spam, have been using the same Trojan, Trojan.Exchanger, to download their bot malware updates, researchers say. “This is the first time” we had seen this connection between the two botnets, says Fengmin Gong, chief security content officer for anti-botnet software firm FireEye. “That’s why when we saw it, it was surprising.”" – Content courtesy of Rival Botnets Share a Common Bond, Researchers Find – Desktop Security News Analysis – Dark Reading

You may also like to read



{ 2 comments… read them below or add one }

bob August 23, 2008 at 10:03 PM

Amazing facts…
So they are actually fooling the world…amazing these guys are doing these nasty things for so long and still federal agencies are helpless against them…

Some more insight inside these botnets..this time FE guys talkin about their common cncs..

http://blog.fireeye.com/research/2008/08/srizbi-and-ru-1.html

Reply

Shanmuga August 23, 2008 at 10:48 PM

Thanks for sharing the link bob, the way fireeye connected the dots was really commendable!

Reply

Leave a Comment

Previous post:

Next post: