Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Botnet ‘ZeuS’ traced to Real Host of Latvia

An association of security investigators stated during August 1-2, 2009 that when they tried to
trace the ZeuS botnet, a gigantic network that its owners utilized for Internet fraud, they found
that it was linked to an organization in Latvia called Real Host, which employed hired servers.

The investigators also found that the organization carried out a variety of other online crime
activities and that the computing authority in Latvia was investigating the company.

However, the experts stated that it wasn't known as to what extent of the ZeuS botnet was under
the control of Real Host, while it was generally very hard to point a finger to the
massively-built botnet's centre.

Meanwhile, researchers including Jart Armin and Andrew Martin said that Real Host had hired
numerous IPs from an ISP called Junik in Riga, and that it went online through a Swedish
connectivity service named Telia.

The researchers further found an extraordinary variety of more malicious operations that were
carried out at Real host that could be compared with those of the recently shuttered Atrivo and
McColo, the U.S. service providers that too specialized in supporting criminal clienteles.

Said the experts that sadly for the ZeuS botnet with its huge magnitude it wasn't easy to find
its real centre.

Besides, Real Host had mentioned an address in Kazakhstan to the domain name registration company
Directi. Telia together with Latvia's computing authority were scrutinizing Real Host, the
researchers stated.

In the meantime, security specialists state that ZeuS also has connections with Rock Phish, an
Internet crime gang under the control of Russian perpetrators and which is responsible for 50% of
the global online phishing attacks that stole sensitive personal information.

Aside this, according to Damballa a security company, ZeuS has seized 3.6 million computers in
USA, exceeding any other botnet's seizure.

Moreover, cyber-criminals have recently been using the ZeuS Bot program to install the virus on
computers of unwitting users.

Additionally, in another instance of ZeuS attack, University of Alabama at Birmingham's security
experts revealed during July end week 2009 that phony online postcards targeted inboxes globally
with web-links pointing to the ZeuS.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 8/21/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page