Don McKenzie
Guest
FBI hijacks Coreflood botnet
Swaps command servers with their own.
US authorities claim to have replaced the command and control servers of the Coreflood botnet with their own kit in an
effort to weaken the impact of the decade-old threat.
The US Department of Justice (DOJ) and the FBI seized five command and control servers and 29 domain names used by the
botnet, according to a statement issued Wednesday.
Authorities were granted permission to swap the servers after gaining a temporary restraining order (TRO) on the
machines hosting the software. It was hoped authorities could thus prevent the botnet's operators from updating software
on victim systems and continuing to avoid detection by antivirus vendors.
"The TRO authorises the government to respond to these requests from infected computers in the United States with a
command that temporarily stops the malware from running on the infected computer," the DOJ said.
Coreflood, one of the oldest botnets in continuous operation, was unique, according to Joe Stewart, director of research
for Dell SecureWorks.
Motives have morphed over time - from simple DDoS to selling anonymity services and even to bank fraud. Over the course
of the decade, Coreflood has infected businesses, hospitals, government and a state police agency.
The botnet was capable of infecting an entire domain in one hit and used a MySQL database to track infections, according
to Stewart, who uncovered a 50GB database of stolen credentials the botnet had collected in the two years to 2008.
Full Story:
http://www.itnews.com.au/News/254437,fbi-hijacks-coreflood-botnet.aspx
Additional details:
http://www.justice.gov/opa/pr/2011/April/11-crm-466.html
Cheers Don...
===================
--
Don McKenzie
Dontronics Blog: http://www.GodzillaSeaMonkey.com
Dontronics Site Map: http://www.dontronics.com/sitemap
E-Mail Contact Page: http://www.dontronics.com/email
Web Camera Page: http://www.dontronics.com/webcam
No More Damn Spam: http://www.dontronics.com/spam
These products will reduce in price by 5% every month:
http://www.dontronics-shop.com/minus-5-every-month.html
http://www.dontronics-shop.com/ics.html
Bare Proto PCB for PIC or AVR projects?
"I'd buy that for a Dollar!".