Tag Archives: Botnet

16-28 February 2014 Cyber Attacks Timeline

Here is the list of the main Cyber Attacks that happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a noticeable decrease both in number and in size.


A (Graphical) World of Botnets and Cyber Attacks

Update 3/12/2013: I should also mention the Deutsche Telekom Security Tachometer...

BotClouds Still Hard to Detect (And Mitigate)

This morning, during my usual virtual promenade through my feeds, I came across a really interesting post from Stratsec, a subsidiary of BAE Systems....

Even Botnets Go on Holidays!

The attack model based on botnet-generated Distributed Denial of Service attacks is opportunistic. The botmaster selects a target, gathers as many resources as possible among his army of zombie machines, and when he realizes he has achieved enough firepower, simply selects a target and pushes the attack button. After this the target is inevitably flooded by packets generated by the bots, while the unaware owners of the zombie machines carry on with their normal work or leisure activities on their infected computers....

Value Added Distributors of Botnets

Cyber Crime, and in particular botmasters, never cease to amaze. If you were (not so much) surprised to discover the compromised supply chain behind the Nitol Botnet (that allowed Chinese manufacturers to sell compromised computers pre-installed with the botnet), you’d better have a look at the ZeroAccess Botnet, which has recently been analyzed by Sophos....

The Botnet Factory

Probably there’s something more in the Next Step Of Botnets besides BlackHole 2.0 and Tor C&C mentioned in my previous post. I mentioned the takedown of the Nitol Botnet by Microsoft as one of the most important infosec events of the last week, but I forgot to mention one important aspect related to this event: the malware supply chain....

The Next Step of Botnets

[Image: A BlackHole (Exploit Kit) absorbing an Onion (Ring), the future of Botnets?]

This information security week has offered many interesting points: the brand new CRIME attack against SSL/TLS, the release of BlackHole Exploit Kit 2.0 that promises new stealth vectors of Drive-By download infections, the takedown of the emerging Nitol botnet by Microsoft, and, last but not least, the first (?) known example of a new generation of C&C server leveraging the anonymization granted by the Tor service....

Botnets, ISPs, and The Role of The Cloud

One interesting comment on my previous post on Botnets gave me a cue for another consideration concerning the role of the cloud in the fight against botnets....

I, BOT (Coming To A C&C Server Near You)

A few days ago I discovered that the city I live in (Rome) ranks at number two in the world for the number of BOT infections, at least according to the Symantec Internet Security Threat Report Edition XVII....