Finjan uncovers one of world's largest botnets

22 April 2009

Finjan has uncovered what appears to be one of the largest bot networks controlled by a single cybercrime gang, with 1.9 million infected zombie computers forming the swarm.

The business internet security vendor says that the botnet has been operational since February.

Hosted in the Ukraine, the swarm is reportedly being controlled by a gang of six people who are instructing infected Windows XP-based machines to copy files, record keystrokes, send spam, and take screenshots.

Reports suggest that the Ukrainian gang has compromised computers in 77 government-owned domains around the world, although around half of the infected PCs are located in the US.

According to Finjan, almost 80% of infected systems are running Internet Explorer, while 15% are using Mozilla Firefox.

Since the discovery of its findings, the company says it has provided UK and US law enforcement with information about the botnet server.

Yuval Ben-Itzhak, Finjan's chief technology officer, says that, as the company predicted at the end of last year, cybercriminals keep on looking for improved methods to distribute their malware, and Trojans are winning the race.

The sophistication of the malware and the staggering number of infected computers prove that cybergangs are raising the bar, he says, adding that, as big money drives today's cybercrime activities, organisations and corporations need to protect their valuable data to prevent theft by these kinds of sophisticated cyberattacks.

Screenshots and examples taken from the command and control server can be found in Finjan's MCRC blog post.

 
