Tag Archive for: botnet

New Android malware poses as popular game, but enlists phones into botnet – ZDNet


The sophisticated malware campaign consists of a number of games and apps that are readily available through Google Play, the app store for Android devices. At least five instances of the app have so far been able to evade Google Play's malware scans
Viking Horde malware attacks Android devices – CNET
Viking Horde malware uses Google Play Store to infect Android devices – SlashGear
Viking Horde malware invades Android devices via Google Play – Inquirer

Researchers help shut down spam botnet that enslaved 4,000 Linux machines

A botnet that enslaved about 4,000 Linux computers and caused them to blast the Internet with spam for more than a year has finally been shut down.

Known as Mumblehard, the botnet was the product of highly skilled developers. It used a custom “packer” to conceal the Perl-based source code that made it run, a backdoor that gave attackers persistent access, and a mail daemon that was able to send large volumes of spam. Command servers that coordinated the compromised machines’ operations could also send messages to Spamhaus requesting the delisting of any Mumblehard-based IP addresses that sneaked into the real-time composite blocking list, or CBL, maintained by the anti-spam service.

“There was a script automatically monitoring the CBL for the IP addresses of all the spam-bots,” researchers from security firm Eset wrote in a blog post published Thursday. “If one was found to be blacklisted, this script requested the delisting of the IP address. Such requests are protected with a CAPTCHA to avoid automation, but OCR (or an external service if OCR didn’t work) was used to break the protection.”

Technology Lab – Ars Technica

New attack campaign against SMBs uses a botnet to deliver PoS malware

A group of sophisticated attackers are repurposing penetration testing tools to break into the networks of small and medium-size businesses worldwide with the goal of infecting point-of-sale systems with malware.

The new attack campaign started in September and has been dubbed operation Black Atlas by researchers from antivirus vendor Trend Micro. The attackers use a wide set of tools to scan the Internet and identify potential weak spots in the networks of various organizations, the researchers said.

Their toolset includes port scanners, brute-force password guessing tools, SMTP (Simple Mail Transfer Protocol) scanners, remote desktop viewers and other attack applications that are easy to find on the Internet.

Network World Security

FBI, DoJ take out $10 Million “Bugat” banking botnet

The FBI and US Department of Justice today said they disrupted the activities and arrested the administrator of the botnet known as “Bugat,” “Cridex” or “Dridex,” which authorities said pilfered over $10 million.

The FBI called Bugat a sophisticated malware package designed to steal banking and other credentials from infected computers and is generally distributed through phishing. The software typically can upload files from an infected computer and download executable files to the victim’s system. Collected information is sent to the criminal’s system. Bugat is specifically designed to defeat antivirus and other protective measures employed by victims.

Network World Security