Zeus Attackers Defend Themselves From Researchers By Installing Honeypot

According to DarkReading, which published its news on November 3, 2010, cyber-attackers in a reverse action fed security researchers and rivals, a false panel of administration as well as bogus statistics. The researchers were probing one Zeus attack of the recent time that targeted federal taxpayers filing returns quarterly through the electronic medium.

These attackers, as per the reports, strategically prevented those attempting at accessing or hacking their administrative interface to block their malware.

Accordingly, security researchers while remarking about the problem stated that all criminals who wished for going on being successful had to be aware of their opponents as also conceal their actions well. Therefore, it wasn't surprising that they were taking recourse to spreading false information and installing honeypots for rivals and security researchers to discover. In fact, security researchers were well familiar with such traps that served as excellent defense for the business of cyber-crime, the researchers analyzed.

Said advanced threat manager Jamz Yaneza at Trend Micro, cyber-criminals, especially bot-herders had been using the above described defense for a quite a while. EWeek.com published this on November 6, 2010.

In general, most kits for creating exploits have an administrative interface, which handles attack codes, payloads as well as monitors the success rate of exploits. Says Brett Stone-Gross, security researcher at the University of California's (Santa Barbara) Department of Computer Science, the phony arrangement for logging in very easily accepts credentials that are easily guessed or are by default along with usual SQL-injection chains. Once the rival/researcher is identified, the criminals show them arbitrary exploit statistics, Stone-Gross explains. Help Net Security published this on November 5, 2010.

Stated Director of Symantec Security Response Kevin Haley, hackers even did things like preventing connection with chat groups as also incorporating defenses into the servers of command-and-control for botnets. EWeek.com reported this.

The security researchers further disclosed that malware writers had even been observed employing anti-virtual computer script wherein when a malware realized it was under the supervision of a virtual system, it regarded the whole thing as an effort for examination. Then, it either stopped running or gave away fake data.

Related article: Zeus Trojan Stole Huge Amount of Information

» SPAMfighter News - 11/16/2010