Gameover, A P2P ZeuS Botnet Contaminates Over 675,000 Computers
Security researchers at the recently concluded Black Hat security conference in Las Vegas disclosed that more than 675,000 computers were infected with a peer-to-peer (P2P) botnet, and that fourteen of the affected entities were companies among the twenty richest firms of the Fortune 500, techweekeurope.co.uk reported on July 26, 2012.
The botnet, named Gameover, uses a privately created ZeuS sample, a combination of the software code required for hijacking PCs and for running the resulting botnet.
Researcher Brett Stone-Gross of Dell SecureWorks, the managed security services company, who carried out the research, stated that the P2P network targeted bank customers in Asia, Europe and the USA, and that it demonstrated how complex such botnet operations have become. Eweek.com published this on July 25, 2012.
Stone-Gross further stated that several newer botnets rely on P2P operation and have abandoned centrally controlled infrastructure. There was effectively no infrastructure that law enforcement agents could pursue and dismantle without backtracking through multiple hijacked machines, because the bot-herders had concealed their infrastructure very well, he explained.
Furthermore, SecureWorks' report reveals that the peer-to-peer ZeuS botnet relies on Cutwail, a spam-sending botnet, to dispatch huge volumes of e-mail pretending to come from popular brands such as mobile-phone companies, Internet retailers, financial institutions and social-networking websites. Typically, a loader known as "pony" connects to 3 hard-coded hijacked online servers to pull down the peer-to-peer ZeuS components, the report adds.
The peer-to-peer version of ZeuS, much like earlier versions, uses keystroke logging, credential scraping or form grabbing to seize data from a victim's PC. In addition, the ZeuS Trojan can alter a target site's HTML and/or add extra form fields that fool victims into submitting sensitive information, an operation called "web injects." The new ZeuS botnet also supports both IPv6 and IPv4 addresses.
In conclusion, according to Stone-Gross, the P2P design of the Gameover ZeuS botnet will make it immensely difficult to shut down, arnnet.com.au reported on July 25, 2012.
» SPAMfighter News - 04-08-2012