DUTCH AUTHORITIES HAVE SHUT DOWN THE BREDOLAB BOTNET THAT HAD INFECTED OVER 30 MILLION SYSTEMS.
By Tom Brewster
IT Pro
http://www.itpro.co.uk/628048/massive-bredolab-botnet-shut-down
Oct 26 2010
UK
The Bredolab botnet, which had infected over 30 million computers
worldwide, has been taken down.
The High Tech Crime Team of the Dutch National Crime Squad announced
it had disconnected 143 servers which were helping run the botnet
and Armenian police have arrested a man believed to be the mastermind.
Investigators determined that the illicit network had the ability to
infect three million computers a month. At the end of last year, the
team estimated that 3.6 billion emails with Bredolab virus payloads
were sent every day to end users.
The criminal operation used services hired in the Netherlands from
a reseller of LeaseWeb - one of the biggest hosts in Europe.
LeaseWeb fully cooperated in tackling the botnet and removing its
activity from its network.
"On request of the Netherlands police we did not take down the botnet
immediately after discovery, but gave the police the opportunity to
investigate and deal a lasting blow to this cyber crime organisation,"
LeaseWeb's security officer Alex de Joode told IT PRO.
"This is a big success. This is one of the largest botnet
infrastructures dismantled and one of the few times that the botnet
mastermind was also apprehended."
Cyber criminals had used the botnet to steal financial information
and other carry out other fraud offences.
The Bredolab virus itself can take complete control over an infected
computer and steal data from a user's system.
It also has the ability to copy, change or delete files and other
information.
"Bredolab is a large family of complicated, polymorphic Trojans,"
explained Mikko Hypponen, chief research officer at F-Secure.
"They have been distributed via drive-by-downloads and email. Bredolab
is known to be connected to email spam campaigns and rogue security
products."
Hypponen claimed in a blog that 2010 "is becoming a good year in
shutting down big botnets."
Earlier this year, another mega-botnet in the form of Mariposa was
taken down and the suspected criminals behind the operation were
arrested.
From: A. Papazian
By Tom Brewster
IT Pro
http://www.itpro.co.uk/628048/massive-bredolab-botnet-shut-down
Oct 26 2010
UK
The Bredolab botnet, which had infected over 30 million computers
worldwide, has been taken down.
The High Tech Crime Team of the Dutch National Crime Squad announced
it had disconnected 143 servers which were helping run the botnet
and Armenian police have arrested a man believed to be the mastermind.
Investigators determined that the illicit network had the ability to
infect three million computers a month. At the end of last year, the
team estimated that 3.6 billion emails with Bredolab virus payloads
were sent every day to end users.
The criminal operation used services hired in the Netherlands from
a reseller of LeaseWeb - one of the biggest hosts in Europe.
LeaseWeb fully cooperated in tackling the botnet and removing its
activity from its network.
"On request of the Netherlands police we did not take down the botnet
immediately after discovery, but gave the police the opportunity to
investigate and deal a lasting blow to this cyber crime organisation,"
LeaseWeb's security officer Alex de Joode told IT PRO.
"This is a big success. This is one of the largest botnet
infrastructures dismantled and one of the few times that the botnet
mastermind was also apprehended."
Cyber criminals had used the botnet to steal financial information
and other carry out other fraud offences.
The Bredolab virus itself can take complete control over an infected
computer and steal data from a user's system.
It also has the ability to copy, change or delete files and other
information.
"Bredolab is a large family of complicated, polymorphic Trojans,"
explained Mikko Hypponen, chief research officer at F-Secure.
"They have been distributed via drive-by-downloads and email. Bredolab
is known to be connected to email spam campaigns and rogue security
products."
Hypponen claimed in a blog that 2010 "is becoming a good year in
shutting down big botnets."
Earlier this year, another mega-botnet in the form of Mariposa was
taken down and the suspected criminals behind the operation were
arrested.
From: A. Papazian