ESET Researchers Disable Mumblehard Botnet


Twelve months after publication of the technical analysis of the Mumblehard Linux botnet, the good news is that the botnet has become inactive. A joint effort by ESET with CyS Centrum LLC and Ukraine's Cyber Police has shut down the Mumblehard botnet, putting an end to all its spam operations as of the end of February 2016.

ESET runs a sinkhole server to thwart the Mumblehard bots. The company has given all of the data obtained from sinkholing to CERT-Bund, which is doing its part by informing every affected party around the globe via the CERTs of the respective countries.

On examining Mumblehard, ESET found that it was made up of innumerable Linux computers in different parts of the world. During the research, ESET investigators registered a domain that played the role of a C&C (command-and-control) server instructing Mumblehard's backdoor component. With this method, the investigators managed to estimate the size as well as the distribution of the botnet. Theregister.com posted this, April 7, 2016.

The updated edition was first observed on May 24, 2015, ESET said. That particular sample appeared on VirusTotal on May 25. ESET also observed that the existing zombie PCs were not all updated at once. The company's sinkholing showed that an initial batch of some 500 zombie PCs was updated on May 25. The remaining bots were updated on June 26, 2015.

To prevent further infections, ESET recommends keeping web applications, including any plug-ins a server may be hosting, up to date, and protecting administrative accounts with strong two-factor authentication.

ESET performed its sinkholing operation on February 29, 2016. Since then the company has identified more than 4,000 bots attempting to connect to their previous server. ESET has also posted several tips and tools for locating and removing Mumblehard infections on systems.

To make the sinkholing project a success, it was crucial to collaborate with external entities and law enforcement. Whether or not Mumblehard is the most advanced, most perilous or most widespread botnet, terminating it was the right measure to take, and it shows that security investigators working jointly with other agencies can help lessen the effect of criminal activity on the Net.

» SPAMfighter News - 14-04-2016
