14 December 2017

US moves to take out massive botnet

14 April 2011  |  7922 views  |  0 comments

The US government has acted to disable a botnet made up of hundreds of thousands of computers infected with malware that steals financial information from victims.

The Department of Justice and FBI say more than two million computers have been infected with the Coreflood malware, which installs itself by exploiting a vulnerability in PCs running Windows operating systems.

The keylogging software then allows infected computers to be controlled remotely so crooks can obtain private personal and financial information which can be used to steal funds.

In a typical example cited in court filings, Coreflood was used to monitor Internet communications between a user and their bank and then take over an online session to transfer funds to a foreign account.

The DoJ says five command and control (C & C) servers that remotely controlled hundreds of thousands of infected computers have been seized, along with 29 domain names used by the botnet to communicate with these servers.

Coreflood is programmed to request directions and commands from C & C servers on a routine basis, with new versions of the malware introduced through them in an effort to stay ahead of security software and other virus updates.

However, if the C & C servers do not respond, the old malware continues to run, so authorities obtained a temporary restraining order allowing them to replace the illegal servers with substitute ones.

They then used these to respond to the requests from infected computers in the US with a command that temporarily stops the malware from running.

Meanwhile, the US Attorney's Office for the District of Connecticut has filed a civil complaint against 13 "John Doe" defendants, alleging wire fraud, bank fraud and illegal interception of electronic communications.

Shawn Henry, executive assistant director, criminal, cyber, response and services branch, FBI, says: "These actions to mitigate the threat posed by the Coreflood botnet are the first of their kind in the United States and reflect our commitment to being creative and proactive in making the Internet more secure."
