The Inquirer-Home

Zeus is still king of the botnets

It is immortal
Mon Nov 08 2010, 10:25

DESPITE THE FACT that gang members controlling the Zeus botnet have had their collars felt by Inspector Ivan Knacker of the Moscow yard, it appears that the botnet is continuing to grow.

According to Kaspersky Lab's October malware statistics, Zeus has become one of the most commonly used and best-selling spy programs on the online black market.

The honour is due to the fact that the trojans in the Zeus family can be configured to steal online data.

Additional viruses have been appearing that are used to help grow the Zeus botnet. Virus.Win32.Murofet, which was first seen in the wild in October, generates domain names that link to downloadable and executable Zeus files.

The virus obtains the year, month, day and minute from the system, generates two double words, adds one of several popular domain zones, adds "/forum" to the end of the string and uses it as a link.

Vyacheslav Zakorzhevsky, senior virus analyst at Kaspersky Lab and author of the report, said the latest version of the Zeus malware demonstrates just how inventive and eager the Zeus developers are to spread their creation around the world.

The report also notes that fake archiving programs are becoming the latest thing to hit the anti-virus world.

These programs disguise themselves as tools to remove license protection from legal software.

After a user launches a fake archiving program, they are asked to send an SMS to a premium number so they can access the contents of an archive.

In most cases, after a message is sent, the user receives instructions on how to use a torrent tracker and a link to it.

Zakorzhevsky said that the victim ends up spending money and does not get the file they wanted. This type of fraud is relatively new and only came to light a few months ago. It has attracted a lot of interest from criminals ever since.

People are still falling for a variant of the FakeUpdate family that asks users to download it in order to see a video.

The latest version is Trojan.JS.FakeUpdate.bp. This Trojan associates a number of popular websites with a local IP address and installs a local web server on the infected computer. After this, every time the user tries to access one of the websites, a message appears in the browser demanding that the user pay for viewing adult content. µ
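The redirection described above can be checked for on a suspect machine. The following Python check is an added example, not code from the article or from Kaspersky Lab's report. It assumes the Trojan makes the association through the system hosts file, and the function name, the allowlist and the sample file contents are all constructed for illustration.

```python
import ipaddress

# Names that legitimately resolve to the local machine (assumed allowlist).
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
               "ip6-loopback", "broadcasthost"}

def suspicious_hosts_entries(hosts_text, watchlist=None):
    """Return (line_no, ip, hostname) for every hosts entry that pins a
    non-local hostname to a loopback, private or link-local address.
    If watchlist is given, only hostnames under those domains are reported."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank or incomplete line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # first field is not an address
        if not (ip.is_loopback or ip.is_private or ip.is_link_local):
            continue                             # public address, out of scope here
        for name in fields[1:]:                  # one line may carry several names
            host = name.lower().rstrip(".")
            if host in LOCAL_NAMES or "." not in host:
                continue                         # localhost or a bare machine name
            if watchlist and not any(
                    host == d or host.endswith("." + d) for d in watchlist):
                continue
            findings.append((line_no, str(ip), host))
    return findings

# Constructed sample, not taken from an infected machine.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       video.example.com www.video.example.com
192.168.1.10    fileserver
93.184.216.34   example.org
10.0.0.5        intranet.corp.example
"""

if __name__ == "__main__":
    for hit in suspicious_hosts_entries(SAMPLE_HOSTS, watchlist={"example.com"}):
        print("line %d: %s -> %s" % hit)
```

Ad-blocking hosts lists produce the same pattern, so a hit needs triage: the case described in the article also has a web server listening on the local address.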

 


Comments
Zeus will last as long as Windows.

Interesting thing about Windows is that it's *just* reliable enough to host bot-nets.

By the way, will someone tell me again how "secure" Windows is? Because I keep forgetting in the face of evidence. -- And I don't mean that it's compromised by fool users, but why aren't fool users thwarted with even elementary restrictions on keyboard tapping and net usage? At this point, late 2010, it's obvious that those are needed, but Windows is still basically as open as DOS.

posted by: bigger_luddite, 08 November 2010