Shnakule’s Finding Demonstrates Increasing Refinement of Cyber-crime

An extremely sophisticated and an enormous-sized 'malnet,' meaning malware network, named Shnakule has been discovered that prompted a few security companies for reconstructing their opinion about cyber-crime activities, reports V3.co.uk dated January 10, 2012.

Reportedly, as per security researchers, the new malnet covers several attack mediums as also has believably been employed to wage several assaults during when the number of active servers spanned over a few hundreds or a few thousands of computers.

Notably, the first to report a Shnakule assault was Armorize Technologies, which said that the attack caused the lawful MySQL.com website to become hijacked as also getting utilized for delivering malevolent JavaScript capable of constructing a hidden iFrame. This iFrame facilitated one drive-by download assault, which used the hosting services of external servers outside MySQL.com.

Significantly, alongside utilizing websites, which understandably belonged to Shnakule, the drive-by download assault also utilized servers associated with fresh payloads and exploits. This assault triggered from one of a number of malevolent websites receiving the hosting services of a server, which according to WebPlus, was categorically a malware supporter and thus reportedly blocked. Consequently, users were proactively safeguarded from the assault, which was waged after 3 days. In the meantime, during the period of 5-days when the server was utilized, Blue Coat Security Labs detected 81 separate malware-loaded websites, which the server hosted.

Moreover, during January-June 2011, Shnakule functioned as the 'malnet' of prominence both in terms of magnitude and efficacy. In those months, the malnet had a mean 2,000 count of distinct host names on a daily bass, while the peak count was over 4,300/day. Besides, Shnakule demonstrated as being the most skilled towards enticing end-users when the mean count of requests was over 21,000, while on any single day, those requests counted a huge 51,000.

Vice President of Product Marketing and Product Management, Steve Schoenfeld of Blue Coat stated that his company all along had been maintaining trace of Shnakule's activities over many months via the use of its WebPlus defense mechanism, adding that the firm's discoveries flouted traditional knowledge regarding the way cyber-crime and malware activities worked. V3.co.uk reported this.

» SPAMfighter News - 1/19/2012