Monday, December 7, 2015

The success of the Poles. They helped neutralize malware – TVN24 Business World

Polish experts from CERT Poland, in cooperation with the FBI and Interpol, brought about the neutralization of the Dorkbot botnet, malware that this year alone has infected at least one million Windows devices around the world.

The Dorkbot botnet, a network of infected computers, had operated since 2011. Cybercriminals used it, among other things, to steal credentials, turn off antivirus software and distribute other malicious software. Among Polish users it spread via Skype. In addition to instant messaging, Dorkbot also used social networking sites and USB media to infect machines. Part of the infrastructure used to manage the botnet was located in Poland.


Mechanism of Action

"The greatest danger associated with the operation of Dorkbot was its use as a platform to distribute other cyber threats. Estimating the actual number of infected computers will be possible after a detailed analysis of the entire threat, but according to preliminary estimates the scale of infection in Poland was not significant," said the head of CERT Poland, Piotr Kijewski. He added that his team informed Polish users about the threat in the autumn of 2012.

To neutralize Dorkbot, an international consortium was set up, headed by Microsoft. Besides CERT Poland, it included ESET, the US-CERT team operating within the United States Department of Homeland Security, the FBI, Interpol, Europol and other law enforcement agencies. The culmination of the consortium's activities aimed at eliminating the threat was to destabilize the malware. As a result, the infrastructure used to manage the malware was neutralized, and all the traffic generated by Dorkbot was redirected to specific IP addresses, where it will be captured and examined.

As part of this cooperation, CERT Poland experts analyzed the malware and provided information on how it operates. They also handed over telemetry data on existing viruses and took part in consultations on the direction of the activities.


A botnet is a network of infected computers (also called zombie PCs, or bots) whose purpose is to carry out the orders of cybercriminals. Botnets are usually used for so-called DDoS attacks, which block access to services on the Internet such as a bank, auction website or online store, as well as to distribute unsolicited email (spam), steal confidential data and withdraw funds from electronic banking accounts.

CERT Poland has operated within the Research and Academic Computer Network (NASK) for 19 years and monitors cybersecurity risks to internet users in Poland. It also regularly prepares a report summarizing threats on the Internet in a given year.


