
Posts Tagged ‘botnets’


Conficker spreads anew, covers tracks and begins pitching fake AntiVirus

Trend Micro virus hunter Ivan Macalintal appears to be the first researcher to identify specific, updated instructions being passed along, node-to-node, among PCs infected with Conficker Variant C.

On April 8, Macalintal isolated an infected PC in Korea that was passing the update across Conficker’s customized P2P network. The PC in Korea received the update from another node on Conficker’s P2P net. Macalintal told LastWatchdog that he also has identified similar P2P transfers taking place amongst Conficker-infected PCs in Thailand.

So the other shoe has fallen. Conficker’s controllers have begun sending malicious payloads to infected PCs. And they did not even have to get infected machines to successfully check in at …more

Could Waledec be the second-coming of the infamous Storm email worm?

ABSOLUTELY DO NOT click on this Couponizer online ad. You will turn over control of your PC to the Waledec botnet. You will likely get a banking trojan installed, and your machine performance may slow when your PC is assigned to spread email spam and participate in denial of service attacks.

Not much has been written about Waledec. Yet there is a lot of circumstantial evidence suggesting that it may be the successor to the Storm email worm that infested the Internet from January 2007 through the summer of 2008. Kurt Baumgartner, Vice President of Behavioral Threat Research at PC Tools, has been …more

Cisco and Trend Micro offer router-level protection

Cisco Systems and Trend Micro have come up with a nifty way for homeowners and small businesses to centrally deploy antivirus protection to a network of devices – just like a big corporation. The two companies announced a partnership to embed Trend’s antivirus suite in two models of Linksys by Cisco Wireless-N routers.

The concept, called Home Network Defender, makes a lot of sense. It makes it a breeze for those of us operating home or small business networks to keep updated antivirus protection on multiple computers and networking devices. So any PC, laptop, video game console, or other device accessing the Internet via the router is protected. No need …more

$250,000 reward for Conficker controllers’ scalps

That $250,000 bounty Microsoft has put up for the scalps of the controllers of the globe-spanning Conficker worm seems about right. Conficker, aka Downadup, has now infected the German military, as well as networks of the UK and French Air Forces and England’s Sheffield Teaching Hospitals. After several weeks of informal collaborations, the world’s top virus hunters have formed an official posse to hunt down these very slick bad guys.

“By sharing resources and expertise, this collaborative cross-industry effort is not only protecting infected systems from further damage, but also providing security to the Internet community on the whole,” says Vincent Weafer, VP Symantec …more

Beware of viral Valentine’s Day spam and other scams

Cyber criminals have begun inundating the Internet with Valentine’s Day-themed spam, bogus web deals and even blackmail.

PC Tools has uncovered one of the more innovative variants: an email offer for a “Valentine Devkit” you supposedly can use to custom design a nifty online Valentine’s card for your sweetheart. Do not click, no matter how cute you think these puppies are!

Other viral Valentine’s spam, coming from operators of the Waledec botnet, who are infamous for putting up fake Barack Obama web sites, comes with subject lines such as “a Valentine card from a friend” and “you have received a Valentine e-card.” Two other rival spam botnets are using similar …more

FAQ — The Ominous Downadup/Conficker worm

The creators/controllers of the unnerving Downadup/Conficker worm that continues to spread, mostly via unpatched Windows PCs inside corporate networks, have been very good about holding their cards close, giving few hints of how they plan to use a botnet of several million infected PCs. Here’s an FAQ I’ve assembled, derived from interviews with F-Secure’s Patrik Runald, Secureworks’ Don Jackson, Arbor Networks’ Jose Nazario, Sunbelt Software’s Eric Sites and Panda Security’s Inaki Urzay.

Q. How did Downadup/Conficker originate?

A. Around last September, as everyone focused on the crashing financial markets, a self-spreading Windows OS infection began hitting a few PCs in China. The attacker took advantage …more

Microsoft pays $250,000 bounty for capture of creator of Netsky/Sasser

Book Excerpt
Chapter 4 – Self-Anointed Avenger
Pages 52-59
Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity

ISBN-13: 978-1-4027-5695-5

Virus Wars

Subject: Hi

So began the Virus Wars of 2004. It would pit the new breed of for-profit virus writers against an idealistic German teenager. Collateral damage would reverberate around the globe: tens of millions of PCs compromised; hospitals, banks, and transportation systems briefly knocked out. The world would never be the same. After 2004, hacking would become almost exclusively a for-profit criminal exercise, and the Internet, the emergent information superhighway, would become a thoroughfare of thieves.

It would start with an innocuous-looking sliver of e-mail …more