Asprox Botnet Attributed with Over Three-Quarters of all Assaults during October 2014

Palo Alto Networks the security research company has just released its yearly Threat Landscape Review that estimates 80 percent of the entire worldwide Web content that was tainted with malware as flowing from the old but wholly active Asprox botnet this year (2014) during the month of October.

Having first appeared during 2008, Asprox aided its criminal owners towards successfully infiltrating more than 2,000 separate renowned organizations and corporate houses, proving to be both an independent disseminator of malicious software and a base where the cyber-criminals could create custom deployments using the very tools the botnet provided in an integrated manner.

Asprox, during its attacks, little distinguished between different entities such as hospital networks, high-profile enterprises, or secret military bases.

Referred to as Kuluoz too, Asprox uses typical SQL injection methodology for making unwitting end-users click through different kinds of phishing schemes, drive-by download campaigns as well as malware tainted attachments.

According to security researchers from Palo Alto Networks, the Asprox bot transmits its own replicas over e-mail pretty fast as also to Internauts across the globe followed with trying to pull down more malware thus affecting 1,933 separate companies.

Overall, the researchers assert that the botnet delivers malware chiefly through HTTP and e-mail (SMTP).

Wholesale as well as retail firms got nearly 28% of the malware assaults while hospitality organizations got below 2% of the badwares, both from web-surfing.

Malware got served via 50 or more unique mediums with 87% malicious programs getting served via e-mail while 11.8% via Web-surfing (HTTP). Moreover, whilst the e-mail and Web-surfing mediums were associated with most malware assaults, it's significant to point out that organizations have the capability for detecting malicious content within any medium working on their networks, thus states the security company.

However, the malware can be avoided for which Palo Alto recommends re-checking any web-links within an e-mail before clicking on them, never proceeding to access an unfamiliar website, and forever maintaining an up to date and active firewall having the most recent signature definitions for preventing Asprox bot from causing the harm it would given a chance to begin.

» SPAMfighter News - 12/22/2014