Finjan uncovers botnet maintaining 1.9m compromised-zombies

Researchers at Finjan the security firm have revealed a botnet that is expanding rapidly around the world while currently consisting of 1.9m computers that belong to corporate, private and government entities. It (the botnet) came into light when the security researchers discovered a Trojan that linked to a center that commanded and controlled it.

Further, the botnet, which is based in the Ukraine and has been active ever since February 2009, is under the control of a group of 6 criminals that commands Windows XP systems to copy data files, monitor keystrokes, take screenshots, and send spam, marketing director Ophir Shalitin of Finjan said. CNETNews published this on April 21, 2009.

Also as per reports, the group has hijacked PCs within 77 domains that the U.S. government and other governments own. Further, about 50% of the contaminated PCs are in United States of which 80% run Internet Explorer and 15% use Firefox.

Besides, according to Yuval Ben-Itzhak, Chief Technology Officer at Finjan, the criminals, controlling and running the botnet, by hiring out parts of the network could net in a huge $190,000 in a single day. CNETNews reported this.

Say the researchers that the botnet spread infection to computers, using software that allowed the criminals to take them over and to add them to the malicious network via the exploitation of browser vulnerabilities. Once the criminals compromised a computer, they instructed it to download more harmful software that placed the system at the risk of the malevolent hackers.

Meanwhile, the issue that is most worrying is that when the bot enslaves even one computer on a company network, it also puts all the remaining systems in danger.

Also, the researchers stated that the attacks' sophistication proved the cyber criminals' potentiality and indicated how vulnerable companies and organizations were to such attacks. They also said that since the malicious software managed to evade the high number of anti-virus systems, it suggested that organizations needed to adopt a rigorous approach of multi-layered defenses.

Reportedly Finjan has alerted U.K and U.S. authorities as well as notified businesses and government departments whose PCs belonged to the botnet.

Related article: Finjan Brings Out Report on Web Malware

» SPAMfighter News - 4/27/2009