Windows 7 Forums


Windows 7: massive botnet controlling some 1.9 million zombie comp


22 Apr 2009   #1
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 
massive botnet controlling some 1.9 million zombie comp

Do you know what your computer is doing tonight?

Finjan Reveals 1.9 Million-Strong Botnet at RSA

Quote:
The size of the network would make it possibly the largest botnet under the control of cyber-thieves. Some 45 percent of the IP addresses under the control of the network are located in the U.S., compared to six percent in the U.K., three percent in France and four percent in Canada and Germany. The geo-location of 38 percent of the IP addresses could not be determined.



22 Apr 2009   #2

Vista Ult64, Win7600
 
 

Thanks for the news.
22 Apr 2009   #3
weh

Win.7.Ult.x64
 
 

We are Borg; resistance is futile.


22 Apr 2009   #4

Windows 7 Ultimate Vista Ultimate x64
 
 

Thanks Jacee, that's a huge number of infected machines.
22 Apr 2009   #5
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote:
We are Borg; resistance is futile
ermmm?
22 Apr 2009   #6

Windows 7 Ultimate 64-bit
 
 

That's all those folks installing 7106...

You know, I'm really only half joking. Seems there are quite a few folks posting 7106 torrents and trying to convince people they're unadulterated even in the face of stark proof of the opposite. Why? What's it to them if someone they don't know uses it or not? Why the vested interest? There's no point system that I know of. Or is there? Has anyone grabbed these builds and tested them for outbound IRC traffic?

Were the world working as it should, the researchers would deliver a list of infected MAC addresses to the listed domain contacts along with a list of affected ports. This filter list would be loaded into the border routers as a BGP update immediately for maximum protection to the rest of the Internet and email sent to the affected customers in case of ISP or InfoSec depts in the case of corporations. Filters could then be put in place as fast as possible to protect the domain internally. But at least it wouldn't leak crap outside the domain in the short term.

But instead of doing something like this to contain the issue, they write a paper and wait to attend a trade show and brag about how cool they are that they found this big botnet while it continues to exist and do whatever it is it wants unfettered. Makes no bloody sense to me -- obviously this security expert is out to make a buck and a name for himself and has no interest in protecting the Internet at all or they'd at least be TRYING to mitigate the risk and effect with the networking tools and skills at their disposal. I'd think I'd get a better name at the trade show for presenting how I discovered and SHUT DOWN the botnet. While prominently listing any domains that failed to co-operate. Hopefully you'd get a few government agencies and Fortune 500s that you could spread all over the news and shame the rest into action.
22 Apr 2009   #7
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

We have quite an extensive list of IP#'s and Domains, but there is a problem with some webhosts ... they will take payment over security. Some are really responsible about shutting these sites down... others rely on their monthly income and don't give a whit (or whatever)

So, as your post goes baarod, all we can do is try to warn and protect peback's

That's why I posted this article.
22 Apr 2009   #8
weh

Win.7.Ult.x64
 
 

I read the article to which Jacee's post linked. It stated that the authors had reported details of the botnet to appropriate security and law enforcement agencies. While they may well be out to make a name for themselves, my impression was that they had done the right thing.
22 Apr 2009   #9

Windows 7 Ultimate 64-bit
 
 

Security and law enforcement -- who exactly? I don't know of any outfit in the government that handles this. It's really up to Sprint, et al. who operate the backbones and that's not quite how it ought to be. When a domain refuses to filter their traffic for the good of the net, then it ought to be done for them. There are border routers on both sides of a leased line. If the domain owner won't add the filtering then the carrier should be required by law to do so.

NEWSFLASH:

Looks like cybersecurity's going to be under direct presidential control!

http://www.crn.com/government/217100...PSKH0CJUNN2JVN