Friday, October 4, 2013

India Ranks Third Among Countries Infected By ZeroAccess Botnet


Symantec has taken the first step in combating the ZeroAccess botnet by sinkholing more than half a million bots, making a serious dent in the number of bots under the attacker’s control. ZeroAccess is a sophisticated and resilient botnet that has been active since 2011 and is one of the largest known botnets in existence, with upwards of 1.9 million infected computers on a given day as observed in August 2013. While 35 per cent of the infections were observed in the US, India had the third highest infection rate globally, just behind the US and Japan. Nearly six per cent of ZeroAccess infections were observed in India.

Bot-infected computers can be classified as actively attacking bots or as bots that send out spam, such as spam zombies. Spam zombies are remotely controlled, compromised systems specifically designed to send out large volumes of junk or unsolicited email messages. Earlier this year, Symantec’s Internet Security Threat Report Vol 18 identified that India accounted for nearly 15 percent of global botnet spam, responsible for disseminating an estimated 280 million spam messages per day worldwide.

Symantec is actively working with ISPs and CERTs worldwide to share information and help get ZeroAccess bot-infected computers cleaned up. Symantec continues to devote the resources of security experts, as well as the largest, most sophisticated global intelligence network in the world, to investigate security threats in order to keep customers, from individual consumers to global corporations, informed and protected.

The ZeroAccess botnet is one of the largest known botnets in existence today, with a population upwards of 1.9 million computers on any given day, as observed by Symantec in August 2013. A key feature of the ZeroAccess botnet is its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives the botnet a high degree of availability and redundancy. In the ZeroAccess botnet, there is constant communication between peers. Each peer continuously connects with other peers to exchange peer lists and check for updated files, making the botnet highly resistant to any take-down attempts.

ZeroAccess carries out two revenue-generating activities, click fraud and Bitcoin mining, potentially earning tens of millions of USD per year in the process.

Click fraud: The click fraud Trojan downloads online ads onto the infected computer and generates artificial clicks on the ads as if they were generated by legitimate users. These false clicks count toward payouts in pay-per-click (PPC) affiliate schemes.

Bitcoin mining: The virtual currency holds a number of attractions for cybercriminals. Each bitcoin comes into existence through carrying out mathematical operations known as “mining” on computing hardware. This activity has a direct value to the botmaster and a cost to the unsuspecting victims; we took a closer look at the economics and impact of this activity using some old computers available in our labs.

Source: Biztech2
