Polish CERT hits Virut botnet
Posted on 21 January 2013.
Bookmark and Share
The Polish Research and Academic Computer Network (NASK), the national registry of the .pl domain and founder of CERT Polska, has announced on Friday that they took over 23 domains that served as C&C servers for the Virut botnet.


The botnet, recently used as a way for Waledac botmasters to recreate their own botnet which has been crippled in previous years by Microsoft, has been dealt a considerable blow.

"The scale of the phenomenon was massive: in 2012 for Poland alone, over 890 thousand unique IP addresses were reported to be infected by Virut," claims CERT Polska. "Since 2006, Virut has been one of the most disturbing threats active on the Internet. In late 2012 Symantec estimated the size of its botnet at 300,000 machines, while Kaspersky reported that Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time."

Among the domains the incident response team took over and sinkholed were also a few .pl domains previously used to host the Virut malware, its C&C IRC servers, and even Zeus and Palevo malware.

The Virut malware has, in the past, been mostly distributed via infected removable media and file sharing. But more recent version are capable of infecting HTML files, injecting an invisible iframe that would download Virut from a remote site, say the researchers.

Computers enslaved in the Virut botnet were used for spamming, DDoS attack, malware propagation, and similar malicious activities.






Spotlight

Nine patterns make up 92 percent of security incidents

Posted on 23 April 2014.  |  Researchers have found that 92 percent of the 100,000 security incidents analyzed over the past ten years can be traced to nine basic attack patterns that vary from industry to industry.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Apr 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //