Botnet Infiltrated by Researchers
Security researchers have managed to infiltrate a botnet which had amassed around 60GB of stolen information. The command and control servers were in charge of some 55,000 zombie computers by the time researchers infiltrated the botnet, according to researchers with AVG.
The botnet appeared to be the work of a sophisticated criminal gang called the Avalanche Group, which was responsible for around two-thirds of phishing attacks in the second half of 2009, according to the Anti-Phishing Working Group.
“These criminals are some of the most sophisticated on the Internet, and have perfected a mass-production system for deploying phishing sites and ‘crimeware,’” AVG wrote in a recently released report. “This means that mitigating the threat by going after the servers hosting the data using the ‘Mumba’ botnet is now much harder than before.”
Unlike most command and control servers, Mumba does not operate on compromised webservers but rather uses fast-flux technology, carrying out operations with thousands of infected computers. Most of the victims were in the U.S. and Europe.
Related posts:
