03.14.10

Internet Mayhem With Microsoft Windows Botnets

Posted in Microsoft, Security, Windows at 5:19 pm by Dr. Roy Schestowitz

Fire

Summary: News reports about security, mostly from IDG and almost exclusively about Microsoft and Windows

ZeuS Botnet Still Mutating, Still on the Move

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC.

ZeuS botnet code keeps getting better for criminals

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC.

[...]

The Windows-based ZeuS Trojan software, which takes up about 50,000 bytes on a compromised Windows-based computer, is designed to plunder accounts in North American and United Kingdom banking systems via the victim’s computer. The criminal might be located a continent away, directing unauthorized transfers of funds to accounts through elaborate command-and-control systems.

One-third of orphaned Zeus botnets find way home

The takedown of 100 servers used to control Zeus-related botnets may be a short-lived victory, security researchers said after discovering that about a third of the orphaned channels were able to regain connectivity in less than 48 hours.

The resurrection of at least 30 command and control channels came after their internet service provider found a new upstream provider to provide connectivity to the outside world, autonomous system records showed on Thursday. As a result, some of the rogue customers who used the Troyak ISP to herd huge numbers of infected PCs were able to once again connect to the compromised machines and issue commands.

Zeus Botnet Dealt a Blow as ISP Troyak Knocked out

After Takedown, Botnet-linked ISP Troyak Resurfaces (Windows not mentioned)

Zeus is a botnet kit used by a large number of cybercriminals. Researchers have counted 249 Zeus command-and-control servers to date. Another Internet service provider named Group 3 was also knocked offline Wednesday. It has not been reconnected, however.

Estonian DDoS revenge worm crafter jailed

An Estonian virus writer has been jailed for two and a half years for creating a Windows worm family that launched denial of service attacks on the websites of a local insurance firm and ISP.

Artur Boiko, 44, was convicted by a jury of creating the Allaple worm and sentenced to two years and seven months following a trial. Boiko pleaded not guilty but prosecutors persuaded the jury that he became a malware author in late 2006 to seek revenge against insurance firm IF following a dispute over a rejected car accident insurance claim.

FBI Embeds Cyber-investigators in Ukraine, Estonia

Hoping to catch cybercrooks, the U.S. Federal Bureau of Investigation has begun embedding agents with law enforcement agencies in Estonia, the Ukraine and the Netherlands.

Homeland Security is recruiting new cyber-warriors (they aim for prevention after the act instead of eternal cure)

Department of Homeland Security Janet Napolitano said during a keynote speech today that her agency has new authority to beef up the department’s team of cyber-warriors and couldn’t help making her pitch before the thousands of security experts in the room.

Professor Gets Money For Cybersecurity Research

More problems surfacing:

New Internet Explorer Flaw Revealed

Microsoft Warns of New Bug Affecting IE Users

Microsoft warns of new IE bug; attacks under way

IE Zero-day Exploit Code Goes Public

Exploit code for the unpatched bug in Internet Explorer was published on the Web yesterday, a step security pros said earlier would be the precursor to widespread attacks.

McAfee inadvertently speeds creation of Metaploit IE exploit pack

Chinese Hack Attacks Said Likely to Recur (Internet Explorer was the cause [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12])

Recent Internet attacks from China against Google and other U.S. companies will more than double this year if the pace during the first two months continues, a security expert says.

US expert: Chinese gov’t likely behind massive cyberattacks

The Chinese government is likely behind recent cyberattacks on U.S. government Web sites and on U.S. companies in an apparent effort to quash criticism of the government there, an expert on U.S. and Chinese relations said Wednesday.

FBI Director: Hackers Have Corrupted Valuable Data

Hackers breaking into businesses and government agencies with targeted attacks have not only stolen intellectual property, in some cases they have corrupted data too, the head of the U.S. Federal Bureau of Investigation said Thursday.

FBI: Cyberfraud Losses Doubled in 2009 (no wonder it costs so much to recover)

Last year was a tough one for most businesses, but for cybercriminals it was one of the best yet.

According to data released Friday by the U.S. Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3), victims reported total losses of US$559.7 million in 2009, more than double the tally for 2008.

Trojan armed with hardware-based anti-piracy control

The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what’s found in Microsoft Windows.

The newest version with bare-bones capabilities starts at $4,000 and additional features can fetch as much as $10,000. The new feature is designed to prevent what Microsoft refers to as “casual copying” by ensuring that only one computer can run a licensed version of the program. After it is installed, users must obtain a key that’s good for just that one machine.

Zombies in another sense (traditional and not harmful):

Six Essential IPhone Apps for a Zombie Attack

ZombieSmash Coming to IPhone

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2010/03/14/zeus-msie-and-beyond/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Links 18/6/2021: Mir 2.4, ActivityWatch 0.11, Microsoft Breaks Its Own Repos

    Links for the day

  2. [Meme] When the 'Court' Drops

    As the EPO sneakily outsourced courts to American companies and parties in dispute depend on their ISP for “access to justice” there’s a catastrophic impact on the very concept of justice or the right to be heard (sometimes you don’t hear anything and/or cannot be heard)

  3. The EPO's Virtual Injustice and Virtual ('News') Media

    A discussion of this morning's post (part 10 in a series) about the shallow media/blog coverage that followed or accompanied last month's notorious EPO hearing

  4. Links 18/6/2021: LibreOffice 7.2 Beta, Elementary OS 6.0 Beta 2, and Linux Mint 20.2 “Uma” Beta

    Links for the day

  5. The Self-Hosting Song

    Cautionary tales about outsourcing one's systems to companies that could not care less about anyone but themselves

  6. IRC Proceedings: Thursday, June 17, 2021

    IRC logs for Thursday, June 17, 2021

  7. [Meme] Swedish Justice

    The EPO‘s patent tribunals have been mostly symbolic under the Benoît Battistelli and António Campinos regimes; giving them back their autonomy (and removing those who help Battistelli and Campinos attack their autonomy) is the only way to go now

  8. Virtual Injustice -- Part 10: Vapid and Superficial Coverage in the 'IP' Blogosphere

    The media has come under attack by Benoît Battistelli; during the term of António Campinos most of the media critical of the EPO has mostly vanished already; so one needs to look carefully at comments and social control media

  9. Links 18/6/2021: RasPad 3 and Pushing Rust Into the Linux Kernel

    Links for the day

  10. Heli Pihlajamaa Promoting Software Patents to Patent Maximalists

    "Ms Pyjamas" from the EPO is promoting illegal software patents to a bunch of patent zealots (CIPA)

  11. The Lying by Team UPC, Led Again by Kevin Mooney

    Team UPC, or specifically Mr. Mooney, lies to the public about the prospects of the UPC; similarly, EPO and EU officials keep bringing up false claims about the UPC, so while the UPC itself has likely died for good the lies have not

  12. Links 17/6/2021: Cutelyst 3 and Lenovo Move Towards ThinkPad BIOS Configuration From Within Linux

    Links for the day

  13. Too Much Noise and/or Distraction and General Loss of Focus (on the Real and Urgent Issues, Such as the Ongoing Anti-FSF 'Coup')

    The media is full of Microsoft fluff and technical blog posts still focus on the Freenode fiasco, among other things that don't matter all that much; but we certainly need to talk about steps undertaken to undermine the FSF's power because long-term ramifications may be huge

  14. [Meme] The Enlarged Bored People With Presidential Decrees

    The laughable state of the EPO‘s EBA (or EBoA) is rarely commented on anymore, not even in so-called ‘IP’ blogs; maybe they’re just so eager to see patents on everything, even European software patents, so tyrants who destroy the courts (with UPC lobbying and removal of EBA independence) don’t bother them so much anymore

  15. Response to Misinformation From EPO Officials

    Opponents of European software patents are clearly being mischaracterised by EPO officials, who also use meaningless buzzwords to promote such patents; as an aside or footnote that relates to our ongoing series we’re making this quick video, which is days late

  16. [Meme] Tilting the Scales for Software Patents

    Shovelling up lots of patents, even worthless patents such as software patents, dooms the EPO (EPC violations, lawlessness), dooms European professionals, but the wrong people have been put in charge and courts are being intimidated by them

  17. Virtual Injustice -- Part 9: Heli, the EPO's Nordic Ice-Queen

    Team Campinos is full of people who instead of grasping and working to promote innovation are boosting the agenda of litigation (scientists are not being employed)

  18. IRC Proceedings: Wednesday, June 16, 2021

    IRC logs for Wednesday, June 16, 2021

  19. Links 17/6/2021: elementary OS 6 Beta 2 and JingPad Linux Tablet Crowdfunding

    Links for the day

  20. Techrights Statement on IRC

    Freenode needs to explain what the hell happened this week and why communities that make up the network weren't informed or consulted

  21. IRC Proceedings: Tuesday, June 15, 2021

    IRC logs for Tuesday, June 15, 2021

  22. Virtual Injustice -- Part 8: A Well-Connected 'IP' Maximalist

    The EPO‘s lobbying for European software patents goes all the way to the top, including António Campinos and his circle

  23. Links 16/6/2021: Alpine 3.14.0 and DXVK 1.9

    Links for the day

  24. Links 15/6/2021: Debian Installer Bullseye RC 2 and Zink Updates

    Links for the day

  25. IRC Proceedings: Monday, June 14, 2021

    IRC logs for Monday, June 14, 2021

  26. Virtual Injustice -- Part 7: Musical Chairs and Revolving Doors

    Cross pollination in Alicante and Munich serves to show that people aren't picked for their skills and experience; it's like a private club or a clique

  27. Hardly Shocking and Not At All Surprising That Thugs Who Run the EPO Hired External Thugs to Help Them Oppress Aggrieved Staff

    With the EPO's management flooding the bank accounts of aggressive law firms (at our expense) we need to ask serious questions about how such a "Mafia" (what EPO staff calls the management) managed to metastasise inside Europe's second-largest institution and how to remove this "Mafia" as soon as possible (some arrests too are well overdue)

  28. [Meme] There Are No Elections in Mafia-Type Regimes; It's About Family and Friends...

    With no real concept or notion of "elections" (the so-called 'mafia' members choose their successors and colleagues) the EPO's patent examiners clearly need outside intervention, e.g. inquest by the EU authorities (the EPC died and maybe the EPO too; it's unregulated and it grants false patents that harm Europe because the courts don't function, either)

  29. Today's Linux Standing for the Opposite of What Linux Users Stand for

    The so-called 'Linux' Foundation or the "Corporate Linux Foundation" is alienating many of the original users of GNU/Linux and it still insults their intelligence; it's rewriting history, it still distorts the objectives, and before we know Linux will perish and lose momentum because all the excitement associated with the brand will fizzle away

  30. Links 14/6/2021: Kdenlive 21.04.2 and Raspberry Pi 400 Support in Linux

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts