RSS Alerts

Related Links

Related Stories

  • Kaspersky reveals price list for botnet attacks
    A sophisticated underground economy has grown up to exploit the millions of personal computers that have been infected with rogue software that turns them into 'zombies' controlled by botnet masters, says an IT security expert.
  • Botnets arrive on mobile phones - first worm has been spotted
    A mobile phone worm called Sexy Space has been spotted by Trend Micro and is the first, the IT security vendor says, to spread itself by spamming text (SMS) messages.
  • PC infections on the rise due to botnets
    Research from IT security vendor McAfee suggests that PC infections are on the rise once again, largely as a result of botnet operators rebuilding their swarms of infected machines in the wake of the recent McColo ISP shutdown.
  • Israeli-Hamas battle escalates to botnets
    The ongoing conflict between Israel and Hamas in the Middle East has escalated beyond a spat of hacker Web site attacks plus defacements and into the realms of botware.
  • Zero Day of the Dead
    The data load that has accompanied the globalization of trade would make even Atlas stagger. And that’s without the added burden of counter-terrorisAs you read this, zombie programs are flitting across the internet like a pestilence to infect and drain the life from innocent computer systems. Yet, for all the aggravation and grief they cause, you may never know you are part of a global invasion of the system snatchers, says William Knight. Unless…

News

Zeus botnet traced to Latvian operation

04 August 2009

Researchers have been busy over the last few days tracing where the Zeus botnet is being controlled from, following investigations by the University of Alabama in the US, which tracked down the Zeus Bot virus to a raft of fake internet postcards circulating on the internet.

University researchers said that the malware - rated as one of the most pervasive in North America for some time - was last week infecting 3.6 million PCs in the US.

Gary Warner, director of forensics with the university, said at the time the fake postcards ask users to click and download to view the contents, and as soon as that click is made, the Zeus Bot malware has infected their computers.

Once the virus is on a computer, he said, it becomes a part of the Zeus Botnet and is able to steal website data from victims.

The Financial Times reports that Zeus has been traced to the Junik server farm in Riga, Latvia. and that the server facility had been rented out to a company called Real Host.

The Zeus botnet has also been linked to Rock Phish, a Russian-led criminal gang blamed for half of the world's phishing attacks to steal card and banking data,

Despite these revelations, it remains unclear how much of the Zeus botnet that Real Host's servers actually control, said the FT, adding that it is difficult to pin-point the centre of a botnet that is as large as Zeus.

Latvia's computing authority is reportedly investigating Real Host for other possible illegal activities, said the paper.

 

This article is featured in:
Application Security Internet and Network Security Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water