At last week’s RSA Conference, security researchers with TippingPoint’s Digital Vaccine Group presented their research into mobile botnets. To date, the largest mobile botnet was centered predominately in Europe on “jailbroken” iPhones. Researchers Derek Brown and Daniel Tijerina were able to fool around 8,000 iPhone and Android users into “joining” a mobile botnet by downloading a seemingly innocent weather app.
The app, called WeatherFist, captured a user’s GPS coordinates and…
Recently, two major botnets have been brought down through legal channels and arrests. Microsoft used a court order to take out one botnet and Spanish authorities arrested the administrators of the Mariposa botnet. Despite these recent successes, some security researchers have begun to question how effective taking out a botnet really is, according to…
Russian botnets are commonly used by cyber criminals to target victims in predominately Western nations, such as the U.S., Germany, France and the UK. However, Joe Stewart, a researcher with SecureWorks, has found that a Russian botnet is now being used to target domestic financial institutions using a plug-in that does not require the hacker to write new source code.
The botnet, termed BlackEnergy 2 by Stewart, was used…
Earlier this year, Microsoft demonstrated one way to take out a botnet. Earlier this week, Spanish authorities provided another option, namely arresting the botnet handlers. Spanish authorities arrested 3 cyber criminals who were behind the Mariposa botnet, which was one of the largest botnets in the world and, according to investigators, infected PCs in over 40 banks and over half of the Fortune 1,000 companies.
In order to find…
Security researchers often use ‘honey-pots’, computers without anti-virus protection containing monitoring software, to conduct research on botnets. The honey-pot computer becomes infected with a virus that would turn it into part of the botnet. However, the system is set up so the commands sent to the computer are monitored and the computer does not actually follow the commands of the control computer.
This research effort, which is one of the…
Microsoft and the Botnet Task Force have struck again, this time against one of the United States' largest spam producers. Microsoft petitioned the U.S. courts for a takedown order against domains associated with the Waledac botnet.
The order, which was granted by the court, allows traffic to be restricted from 277 domains linked to compromised machines. “Waledac is estimated to have infected hundreds of thousands of computers around…
Security researchers with NetWitness Corp. have discovered a massive botnet which includes at least 75,000 infected computers at 2,500 companies and government agencies throughout the world. The Kneber botnet has been used by cyber criminals to acquire login credentials for email systems, financial and social networking sites.
The Kneber botnet is named after the username that has linked the infected computers into a botnet. The data uncovered by NetWitness included…
A new botnet, which came out in late December, is trying to kill off a rival botnet, according to security researchers.
The new toolkit, known as SpyEye V1.0, is similar to the more prolific Zeus trojan, both of which can be used to form botnets by infecting computers.
SpyEye also contains a feature called “Kill Zeus,” which steals the information that the Zeus Trojan has collected off a victim’s computer,…
The Central Intelligence Agency has come under attack by a modified botnet on the SSL (Secure Sockets Layer) port. The same botnet has also launched attacks against PayPal and several hundred other websites.
The botnet sends a flood of legitimate-looking information requests over the SSL port, which forces the targeted sites to consume more resources, according to Shadowserver Foundation, a security research collective.
The attacks began approximately a week ago and appear to…
A security firm and ISPs have colluded to take down the command and control servers of the Lethic botnet, according to an article on The Register. Neustar, a security research firm, with cooperation from ISPs, was able to attack the servers of the Lethic botnet, which was used in distributing spam.
This is the third major assault against spammers by security research firms in the past year. Cyber…