botnet

Attackers have begun exploiting a design flaw in Adobe Systems' PDF format to spread the Zeus botnet, only days after the publication of a proof-of-concept exploit for the flaw, according to security researchers.

On Wednesday, researchers at M86 Security said they had discovered e-mails claiming to originate from Royal Mail with PDF attachments exploiting the flaw. The attachment attempts to run an executable file that installs the Zeus Trojan on a user's system.

Zeus attempts to steal banking information by logging a user's keystrokes. It also attempts to make a user's system part of the Zeus botnet. … Read more

Most major U.S. corporations--up to 88 percent of the Fortune 500 companies--may be affected by botnet activity from computers compromised by the Zeus data-stealing Trojan, according to an RSA study released Wednesday.

RSA's FraudAction Anti-Trojan services analyzed data stolen by Zeus from infected computers in August and traced evidence back to IP addresses and e-mail addresses belonging to the corporations, said Sean Brady, manager of the Identity Protection and Verification Group at RSA, which is the security division of EMC.

Specifically, "domains individually representing 88 percent of the Fortune 500 were shown to have been accessed to … Read more

The Vietnam government dismissed what it called "groundless" accusations that it was involved in recent cyberattacks used to intimidate opponents of a mining project in Vietnam.

Malware disguised as a popular Vietnamese-language keyboard driver was used to create a botnet that targeted blogs rallying against a bauxite mining project in Vietman, according to blog posts from Google's Neel Mehta and McAfee Chief Technical Officer George Kurtz.

"The perpetrators may have political motivations and may have some allegiance to the government of the Socialist Republic of Vietnam," Kurtz said in his blog.

"The comments are … Read more

Cyberattacks were recently used to intimidate opponents of a mining project in Vietnam with ties to China, according to Google and McAfee.

Malware that was disguised as a popular Vietnamese-language keyboard driver for Windows users was used to create a botnet, according to blog posts from Google's Neel Mehta and McAfee Chief Technical Officer George Kurtz. That botnet was then used to target blogs rallying against a bauxite mining project in Vietman, employing DDoS (Distributed Denial of Service) attacks to shut down those blogs, according to the posts.

The two companies discovered the botnet and malware during an investigation … Read more

In this day and age of technological advancement and digital lifestyles, it's incredible to me that nearly half of a recently surveyed audience opened junk e-mail (aka spam), intentionally.

According to an Ipsos Public Affairs Messaging Anti-Abuse Working Group (MAAWG) survey report (PDF), tens of millions of users continue to respond to spam in ways that could leave them vulnerable to a malware infection or bot network.

The results of the survey show that nearly half of the users have opened spam, clicked on a link in spam, opened a spam attachment, replied, or forwarded it--all activities that leave consumers susceptible to fraud, phishing, identity theft, and infection.

Of those who intentionally opened spam, they did so to unsubscribe or complain to the sender or to see what would happen. Fifteen percent clicked to learn more about the products or services being offered.

… Read more

You may want to start keeping a closer eye on where you click if you live in Seattle.

Among 50 U.S. cities studied for their vulnerability to cybercrime, Seattle came out on top as the riskiest place, followed by Boston, Washington, D.C., and San Francisco, according to the report "Norton's Top 10 Riskiest Online Cities," released Monday.

In an effort to study and rank the nation's riskiest cities for cybercrime, Symantec partnered with research firm Sperling's BestPlaces. The two companies used their own internal research and also checked out key facts and figures … Read more

Vodafone has discovered that malware found on several it distributed came from the memory cards, which were shipped in about 3,000 HTC and other phones, according to a published report.

Spanish language blog Movil Zona reported that Vodafone said it was immediately sending new memory cards to people who bought phones using those cards.

After malware related to the Mariposa botnet was discovered on a second HTC Magic phone from Vodafone this week, a Vodafone spokesperson issued a statement to CNET on Thursday saying it was a "local incident in Spain."

In response to questions about the … Read more

Microsoft has said that its legal action against Waledac domains has "decimated" the eponymous botnet.

Microsoft on Monday said that research indicated that commands to Waledac zombies had ceased, following the granting of a temporary restraining order that cut off over 270 domains suspected of channeling command and control instructions. The legal action and associated operations were code-named Operation b49.

"Early data from Microsoft and other researchers indicate that our actions have effectively decimated communications within the Waledac bot network," said Jeff Williams, director of the Microsoft Malware Protection Center, in a blog post on Monday. &… Read more

At its height, the Mariposa botnet consisted of about 13 million computers in 190 countries. A joint operation by researchers from Canadian security firm Defence Intelligence and Spain's PandaLabs, in conjunction with the FBI and the Guardia Civil, led to the arrest of three men in Spain earlier this month in connection with the Mariposa botnet.

The men, who had no specific computer training, are believed to have played a part in operating the command-and-control servers for the botnet, according to PandaLabs' technical director Luis Corrons, who spoke to ZDNet UK about Mariposa following the arrests.

When did security … Read more