Bonum Certa Men Certa

Internet Mayhem With Microsoft Windows Botnets

Fire



Summary: News reports about security, mostly from IDG and almost exclusively about Microsoft and Windows

ZeuS Botnet Still Mutating, Still on the Move

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC.


ZeuS botnet code keeps getting better for criminals

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC.

[...]

The Windows-based ZeuS Trojan software, which takes up about 50,000 bytes on a compromised Windows-based computer, is designed to plunder accounts in North American and United Kingdom banking systems via the victim's computer. The criminal might be located a continent away, directing unauthorized transfers of funds to accounts through elaborate command-and-control systems.


One-third of orphaned Zeus botnets find way home

The takedown of 100 servers used to control Zeus-related botnets may be a short-lived victory, security researchers said after discovering that about a third of the orphaned channels were able to regain connectivity in less than 48 hours.

The resurrection of at least 30 command and control channels came after their internet service provider found a new upstream provider to provide connectivity to the outside world, autonomous system records showed on Thursday. As a result, some of the rogue customers who used the Troyak ISP to herd huge numbers of infected PCs were able to once again connect to the compromised machines and issue commands.


Zeus Botnet Dealt a Blow as ISP Troyak Knocked out

After Takedown, Botnet-linked ISP Troyak Resurfaces (Windows not mentioned)

Zeus is a botnet kit used by a large number of cybercriminals. Researchers have counted 249 Zeus command-and-control servers to date. Another Internet service provider named Group 3 was also knocked offline Wednesday. It has not been reconnected, however.


Estonian DDoS revenge worm crafter jailed

An Estonian virus writer has been jailed for two and a half years for creating a Windows worm family that launched denial of service attacks on the websites of a local insurance firm and ISP.

Artur Boiko, 44, was convicted by a jury of creating the Allaple worm and sentenced to two years and seven months following a trial. Boiko pleaded not guilty but prosecutors persuaded the jury that he became a malware author in late 2006 to seek revenge against insurance firm IF following a dispute over a rejected car accident insurance claim.


FBI Embeds Cyber-investigators in Ukraine, Estonia

Hoping to catch cybercrooks, the U.S. Federal Bureau of Investigation has begun embedding agents with law enforcement agencies in Estonia, the Ukraine and the Netherlands.


Homeland Security is recruiting new cyber-warriors (they aim for prevention after the act instead of eternal cure)

Department of Homeland Security Janet Napolitano said during a keynote speech today that her agency has new authority to beef up the department's team of cyber-warriors and couldn't help making her pitch before the thousands of security experts in the room.


Professor Gets Money For Cybersecurity Research

More problems surfacing:

New Internet Explorer Flaw Revealed

Microsoft Warns of New Bug Affecting IE Users

Microsoft warns of new IE bug; attacks under way

IE Zero-day Exploit Code Goes Public

Exploit code for the unpatched bug in Internet Explorer was published on the Web yesterday, a step security pros said earlier would be the precursor to widespread attacks.


McAfee inadvertently speeds creation of Metaploit IE exploit pack

Chinese Hack Attacks Said Likely to Recur (Internet Explorer was the cause [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12])

Recent Internet attacks from China against Google and other U.S. companies will more than double this year if the pace during the first two months continues, a security expert says.


US expert: Chinese gov't likely behind massive cyberattacks

The Chinese government is likely behind recent cyberattacks on U.S. government Web sites and on U.S. companies in an apparent effort to quash criticism of the government there, an expert on U.S. and Chinese relations said Wednesday.


FBI Director: Hackers Have Corrupted Valuable Data

Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday.


FBI: Cyberfraud Losses Doubled in 2009 (no wonder it costs so much to recover)

Last year was a tough one for most businesses, but for cybercriminals it was one of the best yet.

According to data released Friday by the U.S. Federal Bureau of Investigation's Internet Crime Complaint Center (IC3), victims reported total losses of US$559.7 million in 2009, more than double the tally for 2008.


Trojan armed with hardware-based anti-piracy control

The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what's found in Microsoft Windows.

The newest version with bare-bones capabilities starts at $4,000 and additional features can fetch as much as $10,000. The new feature is designed to prevent what Microsoft refers to as "casual copying" by ensuring that only one computer can run a licensed version of the program. After it is installed, users must obtain a key that's good for just that one machine.


Zombies in another sense (traditional and not harmful):

Six Essential IPhone Apps for a Zombie Attack

ZombieSmash Coming to IPhone

Recent Techrights' Posts

Nat Friedman Had Left Microsoft GitHub Exactly One Week Before Matthew Garrett Sent His First SLAPP (Which Was an Empty Threat, He Was Abusing the Legal System of Another Continent to Terrorise Critics Who Had Just Unearthed Major Microsoft Scandals)
And it was likely talked about by his lawyers around the exact same time Nat Friedman was packing up
 
Extortion is a Crime, Even If You're Based in Another Continent and Work for Microsoft
reported to British authorities
We're in 6/6 Now, Almost Halfway in 2025
2025 was probably the best year for us
South Americans Are Saying Goodbye to Microsoft
We're hardly even "Cherry-Picking" or conveniently singling out one South American nation
Abuse Inside the Polish Patent Office (UPRP) - Part III: Data Protection Failures, Just Like at the European Patent Office (EPO)
Just less than a decade ago we showed that the EPO had illegally shared staff data with third parties
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 05, 2025
IRC logs for Thursday, June 05, 2025
Pushing Microsoft's Proprietary Trash/Trap as "Open" and "Linux" (Windows is 'Linux' Now?)
Maybe it's time to just stop saying "FOSS". The people who use that term are promoting Microsoft.
Slopwatch: Comparing Linux to Vermin, Attacking BSD With LLM Slop, and Helping Microsoft Demonise Linux/OpenBSD/SSH Over Weak User Passwords
Microsoft must be laughing its arse off, seeing how a bunch of Serial Sloppers (no skills, no comprehension, no integrity, no creativity) and slopfarms use Microsoft LLM to flood the Web with anti-Linux FUD
Links 05/06/2025: US Poised for Another $2.4 Trillion to Debt, Cops Want GAFAM Kill Switches
Links for the day
Links 05/06/2025: First US Spacewalk 60 Years Ago, GNU Octave 10.2.0 is Out
Links for the day
Scandinavia Saying Goodbye to Microsoft
The Danes have had enough of Microsoft
GNU/Linux Measured at 6% in Bangladesh, According to statCounter
Windows isn't growing, it's going away
Gemini Links 05/06/2025: Loop Earplugs Review and ANS Forth
Links for the day
Armenian Adoption of GNU/Linux
Russian influence in Armenian must be worrying to Microsoft
Abuse Inside the Polish Patent Office (UPRP) - Part II: Turning a Once-Respected Patent Office Into a Circus and Laughing Stock
It's not legal, but administrators who don't care about the law and don't fear the law would just go ahead and turn things to junk
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 04, 2025
IRC logs for Wednesday, June 04, 2025
Slopwatch: Mindless Slop Pieces, Fake Images and Text, Linux FUD on the Cheap
spewed out by Microsoft-controlled LLMs
Links 04/06/2025: Workers' Strikes, Sudan Exodus
Links for the day
Links 04/06/2025: Linux Foundation PR Spam and Lee Jae-myung Wins Election
Links for the day
Gemini Links 04/06/2025: Future Leaders of the World and Platforming Jordan Peterson
Links for the day
Links 04/06/2025: WSL Backfiring on Microsoft and "Disney, Microsoft Announce Massive Layoffs"
Links for the day
Our Case is a Very Easy Win, the SLAPPs From Microsofters Were a Grave Error, and Censoring Information Won't Work (It'll Only Ever Backfire)
Censoring is what people do when they lose the argument
Say the Truth, the Rest Will Follow
There's no guarantee that writing the truth will result in an audience (or readership), but over time - in the long run - people generally gravitate towards what they know or feel to be crude truth, not just what's comforting (albeit false or self-deluding, usually groupthink dictated from above)
How to Expose High-Level Corruption Without Getting in (Too Much) Trouble
Democracy depends on free press and freedom of the press depends on being able to safely publish (and keep available) material that bad people don't want to be known to anybody
In-Depth EPO Coverage at Techrights Turns Eleven
11 years is a very long time
Windows Measured Below 10% in Afghanistan, GNU/Linux Gaining a Lot
about 80% are Android (Linux) users, compared to only about 10% for Windows
Poland's Political Predicament and Social Control Media
Democracy and fake "tech" don't mix well; the latter tends to interfere with the former and that's why we get more "Putins" out there
EPO: Taking Away From the Staff to Give More to the Rich
The Central Staff Committee (CSC) wrote to EPO staff earlier this week
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 03, 2025
IRC logs for Tuesday, June 03, 2025
Abuse Inside the Polish Patent Office (UPRP) - Part I: It's a Lot Like the EPO
we can commence a series soon
Gemini Links 04/06/2025: Inescapable Questions and Quitting All "Oligarch Tech"
Links for the day