Mapping the Criminal-ISP Infrastructure

According to a report issued today, eight networks connect directly to the botnet-hosting ISP Troyak and four other upstream providers that “surround the malicious core,” and help to “mask the true malware-hosting armada and provide solid uptime to the malware servers” for ZeuS botnets, Gozi, and...

Waledac Botnet Now Completely Crippled, Experts Say

After Microsoft’s actions to take down the Waledac botnet last month, there was some question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections. But more than three weeks after the takedown, researchers sa...

ZeuS Botnet Module Gives Total PC Control

New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house ACH networks and payroll systems. The latest version of this cybercrime toolkit offers a $10,000 module that can...

Is That a Bot In Your Pocket? Or Does It Just Look Like One?

Last week at the RSA Conference, my colleague Derek Brown and I, presented findings from a research project titled MOBOTS: Pocketful of Pwnage, which was designed to show how easy it would be to create a large mobile botnet. Please note that we did not actually create a botnet; we simply presente...

Vodafone-Distributed Handset Found Pre-installed With Mariposa Bot

Security researchers have found the Mariposa bot client pre-installed on a mobile phone handset distributed in Europe, and say that the malware looks to have been installed on the phone’s memory card. The phone, the HTC Magic, runs the Google Android mobile operating system, and is a low-priced...

RSA 2010: Researchers Demo Mobile Botnet from Smartphone App

A pair of researchers has amassed nearly 8,000 iPhones and Android smartphones in an experimental mobile botnet that demonstrates the ease of spreading potentially malicious applications on these devices. Read the full article. Dark Reading...

RSA 2010: BlackEnergy 2 Botnet Revealed

Like the sequel to a successful movie, the botnet behind the distributed denial of service attacks that hit the country of Georgia during its conflict with Russia in 2008 has been updated. This time though, the idea isn’t hacktivism—it’s stealing financial data and, unlike in the case of other...

To Catch a Botnet: How Mariposa Was Busted

More details follow the news of the Spanish botnet Mariposa and its owners being caught. The Mariposa Working Group infiltrated the command-and-control structure of Mariposa to monitor the communication channels that relayed information from compromised systems back to the hackers who run the...

Mariposa Botnet Caught and Killed

Authorities have smashed one of the world’s biggest networks of virus-infected computers known as the Mariposa botnet, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs. Read the full article. Associated Press...

Honeypots Threatened By Zombies

Innovations in botnet technology threaten the usefulness of honeypots, one of the main ways to study how bot herders control networks of zombie PCs. Computer scientists led by Cliff Zou and colleagues at the University of Central Florida warn that bot herders can now avoid honeypots – unprotected...

T.J. Campana on the Waledac Botnet Takedown

Dennis Fisher and Ryan Naraine talk with Microsoft’s T.J. Campana about the company’s work to disrupt and take down the Waledac botnet and the other work being done by Microsoft’s Digital Crimes Unit. Podcast audio courtesy of sykboy65 Subscribe to the Digital Underground podcast on...

A Closer Look at the Koobface Gang

The Koobface botnet is the tip of the iceberg for the malicious operations of the online crime ring. Here are the top 10 things you didn’t know about the Koobface gang. Read the full article. ZDNet...

Waledac Spam Botnet Domains Neutered

With the help of a U.S. federal judge, Microsoft has struck a blow against one of the Internet’s worst sources of spam: the notorious Waledac botnet. Microsoft said that it had been granted a court order that will cut off 277 .com domains associated with the botnet. Read the full article...

Botnet: Kneber

Kneber Zbot, BTN1 is a form of malware which is reported to have affected more than 74,000 PCs in 2,400 business and government systems around the world. Kneber, named after the username linking the infected computers worldwide Hilary Kneber, is related to the ZeuS botnet, a malware botnet packag...

Chuck Norris Botnet Discovered By Honeypot

Czech security experts say they have uncovered a global botnet that may be redirecting Web surfers to other sites for the purpose of stealing their data. The botnet’s creators have dubbed the network “Chuck Norris” after the famous Hollywood actor and martial arts expert. Read the full article...

Frequently Asked Questions On The Kneber Botnet

How did the Kneber botnet manage to stay beneath the radar? Who’s behind it? Is it an isolated underground project, or a part of the malicious portfolio of a cybercrime organization diversifying on multiple fronts within the underground marketplace? Read the full article. ZDNet...

Kneber Botnet Infiltrated 74,000 Systems

More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, researchers have discovered. Read the full article. cnet...

Behind the Scenes of the Botnet Epidemic

2009 saw many, many new botnet outbreaks and advancements in their criminal management. Throughout the year Damballa tracked thousands of distinct criminal operated botnets and identified millions of newly compromised enterprise systems each day. This week I’m going to share some of our findings...

Zeus Botnet Steals $150K from Michigan Company

An insurance firm in Michigan lost nearly $150,000 this month as a result of a single computer virus infection. Read the full article. KrebsonSecurity...

New Criminal Toolkit Touts Zeus Killing

Purveyors of a new botnet toolkit are touting a feature aimed at aspiring cybercriminals: the opportunity to commandeer computers already compromised by an established crimeware package known as Zeus. Read the full article. The Register...