
Thread: The 2007 Pandemic of the botnets

  1. #11
    AplusWebMaster (Adviser Team)
    Join Date: Oct 2005 | Location: USA | Posts: 6,881

    FYI...

    BotHunter Malware Analysis Automatic Summary Analysis Table
    > http://www.cyber-ta.org/releases/mal...alysis/public/
    (This is a government funded research project so there is no charge for the public distribution.)


    .
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #12
    AplusWebMaster (Adviser Team)

    FYI...

    Arbor Networks annual security survey
    - http://www.theregister.com/2007/09/1...botnet_survey/
    18 September 2007 - "Arbor Networks' third annual worldwide infrastructure security report* found that, for the first time, botnets surpassed distributed denial of service attacks as the top operational threat identified by service providers. Botnet networks of compromised PCs act as resources to distribute spam, launch denial of service attacks or get up to other forms of mischief. Distributed denial of service (DDoS) attacks represent a major problem, with attack trends changing. While mid-level DDoS attacks have plagued the internet since 2000, survey respondents report a widening gap between common mid-level "amateur" attacks and multi-gigabit "professional" efforts involving tens of thousands of zombie hosts. Most surveyed ISPs reported significant improvements in the sophistication and coordination of DDoS attacks. Surveyed ISPs reported sustained attack rates exceeding 24 Gbps. Most individual core internet backbone links today are no larger than 10 Gbps, which means most of the larger attacks inflict collateral damage on net infrastructures way upstream from the targets of attacks, Arbor notes..."

    * http://www.arbornetworks.com/report
    "Worldwide Infrastructure Security Report Highlights:
    * Bots overtake DDoS as chief security concern - Respondents believed bots and botnets to be a larger threat than DDoS attacks.
    * DDoS attacks going pro - Survey respondents report a widening gap between common mid-level “amateur” attacks and multi-gigabit “professional” efforts.
    * Attacks outpace ISP network growth - Surveyed ISPs reported sustained attack rates exceeding 24 Gbps – more than double the size of these recently upgraded links.
    * VoIP is vulnerable - Only 20 percent of ISPs surveyed currently have specific tools or mechanisms to monitor and detect threats against VoIP.
    * Rise of managed security services - There is a significant increase in the number of service providers offering managed DDoS detection and mitigation services..."


  3. #13
    AplusWebMaster (Adviser Team)

    FYI...

    Hackers control PCs while users unaware
    - http://www.reuters.com/article/techn...070921?sp=true
    Sep 21, 2007 - "...More important than security software, users need to monitor their own behavior. The bulk of malware is installed on computers by users who either click on a Web link or on a file that is attached to an email or instant message. PC users can greatly reduce the risk of infection by only visiting familiar Web sites and avoiding unknown attachments..."



  4. #14
    AplusWebMaster (Adviser Team)

    FBI: Operation 'Bot Roast II' nets hackers

    FYI...

    - http://www.fbi.gov/pressrel/pressrel...oast112907.htm
    November 29, 2007 - "The FBI today announced the results of the second phase of its continuing investigation into a growing and serious problem involving criminal use of botnets. Since Operation 'Bot Roast' was announced last June, eight individuals have been indicted, pled guilty, or been sentenced for crimes related to botnet activity. Additionally, 13 search warrants were served in the U.S. and by overseas law enforcement partners in connection with this operation. This ongoing investigative effort has thus far uncovered more than $20 million in economic loss and more than one million victim computers. FBI Director Robert S. Mueller, III said, "Today, botnets are the weapon of choice of cyber criminals. They seek to conceal their criminal activities by using third party computers as vehicles for their crimes. In Bot Roast II, we see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible for attempting to exploit unknowing Internet users"..."
    - http://abcnews.go.com/print?id=3927818


  5. #15
    AplusWebMaster (Adviser Team)

    FYI...

    - http://www.darkreading.com/document....797&print=true
    DECEMBER 6, 2007 - "The average life span of a command and control server in an Internet Relay Chat (IRC)-based botnet is less than two months. And these machines and their drones that make up a botnet are typically scattered around the world, a new study* on IRC botnets reveals. German and Chinese researchers from Peking University in Beijing and from the University of Mannheim in Germany teamed up to track and study traditional IRC-based botnets over the last year. They found and followed 3,290 IRC-based botnets in the wild, using a honeynet of 17 nodes in 16 provinces in China and some automated tools... The researchers found more proof of what bot hunters have been saying all along: that IRC is becoming less and less the mode of communication for botnet operators as they attempt to evade detection and stay alive. "Botnets seem to shift away from IRC to protocols like HTTP, Peer-to-Peer-based protocols, or custom protocols," the report says. Still, the researchers consider the relatively short life expectancy of the C&C servers a sign of how flexible these traditional botnet infrastructures are..."
    * http://honeyblog.org/junkyard/report...t-china-TR.pdf


  6. #16
    AplusWebMaster (Adviser Team)

    FYI...

    SRI Honeynet and BotHunter Malware Analysis
    - http://www.cyber-ta.org/releases/mal...alysis/public/
    last updated: Mon Dec 31 2007 - "The malware infections displayed in our daily infection log summaries were harvested live from the SRI high-interaction honeynet. The daily infection logs (right) present each day's infection summary, and are 100% autogenerated and posted each morning (PT)..."


  7. #17
    AplusWebMaster (Adviser Team)

    FYI...

    Canadian botnet busted
    - http://www.sophos.com/pressoffice/ne...et-busted.html
    21 February 2008 - "...In a co-ordinated series of dawn raids, the Sûreté du Québec and Royal Canadian Mounted Police, arrested people in 12 different towns, ranging in age from 17 to 26 years old. One of those arrested is a nineteen year old woman. The gang is believed to have run a zombie network (also known as a botnet) of up to one million computers, spanning 100 countries around the globe. Seven people were charged with illegally obtaining computer services, illegally possessing computer passwords, and hacking. Police confiscated computer equipment during the raids, and information found on the PCs may lead to more charges against other alleged gang members. If found guilty, gang members could face up to 10 years behind bars, head of the computer crime squad Captain Frédérick Gaudreau told the media, adding that hundreds of officers were involved in the investigation into the gang after complaints were made in the summer of 2006 from business and government computer users..."


  8. #18
    AplusWebMaster (Adviser Team)

    Rent-a-bot gang...

    FYI...

    Rent-a-bot gang... spewing malware-laden 3D-screensavers and the like...
    - http://www.channelregister.co.uk/200...c_rises_again/
    13 Mar 2008 - "A notorious malware gang that rented out botnets by the hour has resurfaced after being knocked off line two months ago by a rival band of criminals. The Loads.cc group has been spotted by researchers at Sunbelt Software* pushing toxic 3D screensavers on unsuspecting end users. The software installs malware that points to a server controlled by Loads.cc and then lies in wait for instructions from a command and control server... The gang came to prominence by renting out a botnet that fellow online criminals could use to install and maintain their malware. In October, it boasted more than 35,000 infected machines, according to this post** by researcher Dancho Danchev. Prices ranged from $110 to $220 per thousand infections depending on where they were located..."
    * http://sunbeltblog.blogspot.com/2008...e-gang-re.html

    ** http://ddanchev.blogspot.com/2007/10...d-service.html

    Last edited by AplusWebMaster; 2008-03-13 at 14:04.

  9. #19
    AplusWebMaster (Adviser Team)

    FYI...

    - http://www.darkreading.com/document....801&print=true
    MARCH 19, 2008 - "Federal law enforcement agencies have received a guilty plea from one of the botmasters nabbed last year under Operation Bot Roast. Robert Matthew Bentley, 21, of Panama City, Fla., has pleaded guilty to conspiracy to commit computer fraud and computer fraud, according to the U.S. Department of Justice*. Bentley, one of eight spammers and bot herders nabbed so far under the law enforcement initiative called Operation Bot Roast, reportedly agreed to a detailed factual summary filed at the time of his guilty plea outlining his role in the computer intrusions. Bentley and other unnamed co-conspirators are charged with infecting hundreds of computers in Europe with adware that cost tens of thousands of dollars to detect and neutralize. Bentley and others received payment through a Western European-based operation called Dollar Revenue for unauthorized intrusions and placement of the adware, according to the U.S. Secret Service, which investigated the crime. Bentley used computers in the Northern District of Florida to accomplish the intrusions and to receive payment. Bentley is scheduled to be sentenced by U.S. District Judge Richard Smoak on May 28, 2008. He faces a maximum penalty of 10 years imprisonment, a $250,000 fine, and three years of supervised release for each charge. He must also pay a special monetary assessment of $100 for each charge. Federal authorities say Bentley might get "special consideration" if he agrees to help convict his co-conspirators...
    "The use of botnets is a major focus of computer-related criminal investigations worldwide," Miller said. "Botnets are responsible for much of the malicious activity conducted on the Internet. [Bot herders] operate within a group of computer hackers on a global scale, making this computer crime one of the most pervasive forms of organized criminal activity plaguing law enforcers in this country and abroad.""
    * http://jacksonville.fbi.gov/dojpress...cker030608.htm

  10. #20
    AplusWebMaster (Adviser Team)

    dslreports DDoS...

    FYI...

    - http://www.theregister.co.uk/2008/03...r_ddos_attack/
    19 March 2008 - "DSL Reports, a website for broadband users, popped back online after being taken down by a distributed denial of service attack. At least 1,100 bot-infested machines took part in the assault, which at one point directed nearly 48MBps of malicious data at the site. The flood continues, although changes to the site's front-end server drastically improved its defenses. Several hours after the attack began, the DDoS was throwing about 12MBps of data at the site, enough for it to stay online... According to researcher Jose Nazario at Arbor Networks, the command and control center of the attacking botnet appears to be located at IP address 79.135.166.122. He is encouraging ISPs to block port 80 traffic to that server, which he says is "a busy DDoS net which has attacked numerous sites around the world..."
    * http://www.dslreports.com/forum/r201...DDOS-site-down

