Security researchers at Damballa report shutting down the command and control server of a botnet built by a Trojan bundled with pirated copies of Windows 7 RC. The Trojan is believed to have infected thousands of users.
Attackers pushing pirated, malware-laced copies of Microsoft's
upcoming Windows 7 operating system have been actively trying to build a botnet.
According to researchers at Damballa, attackers hid a Trojan inside of pirated copies of the operating system and began circulating them on BitTorrent sites. Damballa reported that it shut down the botnet's command and control server May 10, but by that time infection rates had risen as high as 552 users per hour.
"Since the pirated package was released on April 24th, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on May 10th," said Tripp Cox, vice president of engineering at Damballa.