Botnet Compromises Half of Fortune 100 Companies

Security experts with Canadian security firm Defence Intelligence have informed that a botnet has compromised half of the Fortune 100 companies to conduct a massive information theft, reported pcmag.com on September 28, 2009.

The security experts stated that the compromise, which involves a Trojan called Mariposa, has infected several thousand distinct networks, which include two out of three American credit bureaus. Also, it was in May 2009 that Defence Intelligence first detected this malicious network. Meanwhile, the company computes that the botnet is currently adding on around 7,000 new hijacked PCs every day, reported ca.sys-con.com on September 28, 2009.
Understandably, the Mariposa botnet has been created with the help of the easily accessible 'butterfly' bot kit. Although troubled companies among the Fortune 100 have not confirmed the claim, the threat appears truly genuine.

Co-founder and CEO of Defence Intelligence, Christopher Davis, stated that Mariposa is an extremely sophisticated malware that targets its victims very selectively, reported ca.sys-con.com on September 28, 2009.

He further claimed that his team of security researchers has identified hundreds of such attacks against financial institutions, government agencies, corporate and university networks globally, but just a few home users have been found affected.

According to him, while the Trojan is skilled at capturing sensitive details like passwords, it's fast becoming both perilous as well as prevalent. Also, its make enables it to easily evade the detection capabilities of conventional security measures such as anti-virus. It also tricks the detection capabilities of the more advanced solutions. Finally, Davis said that the threat is expected to spread while remaining relatively undetected; however, the security firm is diligently notifying the situation to the troubled companies and helping them by providing appropriate solution.
Moreover, Mikko Hypponen, Chief Research Officer for F-Secure, the Finland-based security firm, noted that his company, which has been tracing the Mariposa threat for several months, has detected the malware not simply as Mariposa but also as Vaklik or Palevo based on the type of its variant, reported pcmag.com on September 28, 2009.

Eventually, as per the Mariposa botnet's README.TXT, the malware disseminates through MSN, USB drives and P2P networks.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 10/19/2009