As mark security experts form Symantec, Conficker step-by-step transforms thousands of infected PCs into zombie network for spam and spyware distribution. The worm loads it’s code under the name Waledac which unites the infected machines in the botnet.
Security experts from Symantec company inform of appearance of the first botnet, which structure includes computers under control of Apple Mac OS X operating system.
The analysis has shown that creation of new zombie network, named iBotnet, has started in January. The structure of the botnet includes computers infected with malicious program OSX.iServices. This trojan was distributed as an utility for removal of copy protection of pirated versions of Photoshop CS4 and iWork ‘ 09.
Read the rest of this entry »
The “Kaspersky’s Labs” warns about appearance of the new version of the Conficker also known as Kido and Downadup.
Conficker has been detected in November of last year, however the peak of its activity has been on the beginning of January: for a few days the worm has infected about ten millions computers worldwide.
Read the rest of this entry »
Experts from DroneBL have detected very unusual botnet, consisting not from personal computers of Internet users, but from DSL-modems and routers.
According to the research, a worm under the name psyb0t is responsible for the creation of the botnet. Network devices on the basis of Mipsel platform — variant of Debian Linux for processors MIPS are the subject of infection. Attack is made by exhaustive search of combinations of a login and the password under the list; after successful breaking psyb0t closes access to a router for other users and incorporates with the botnet.
Read the rest of this entry »
OpenDNS service has learned to resist the attempts of computers infected by the Conficker worm to contact with a possible controlling domain. Thus, the use of OpenDNS will protect from evil actions of the worm, when (and if) the authors try to take advantage of built a potential super-botnet.
By estimations of the anti-virus companies, the quantity of infections with the sensational net worm actively travelling on the Internet and corporate networks of last 2-3 weeks, has reached 10 million computers. However the last some days speed of distribution of this harmful code has considerably decreased. We will remind that various variants of worm Conficker (Downadup) extend, maintaining vulnerability MS08-067 in Windows operating systems.
Read the rest of this entry »
Super-botnet which is being built by the worm Conficker, has grown already at least to 3,5 million computers. Thus, this zombie-network in the sizes has surpassed all known till now botnets, including Storm, which, by some estimations, on peak of the development included from 500 thousand to one million computers.
Daily, taking for a basis of a mark of time from public sites like Google and Baidu, the program generates weight of sequences of the symbols similar to domain names. Using this set of the lines, the infected computer tries to contact the servers located on corresponding domains. In practice such domain can be only one — using the same algorithm, owners of a bot-network in advance register, lift on it a server and, thus, supervise all herd of zombies-computers.
