Police and private companies have taken down a massive botnet used to move malware onto compromised PCs.
The Andromeda botnet, also known as Gamarue, is thought to have spanned over two million PCs and distributed over 80 types of malware onto infected PCs. It was shut down on November 29 in a combined operation by Europol, the FBI, security vendor ESET and Microsoft.
A suspect thought to be associated with the botnet was arrested in Belarus.
“This is another example of international law enforcement working together with industry partners to tackle the most significant cyber criminals and the dedicated infrastructure they use to distribute malware on a global scale,” said Steven Wilson, the Head of Europol’s European Cybercrime Centre.
“The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us.”
The Andromeda takedown was made possible by last year’s operations to close the Avalanche botnet. During that effort German police found important information about Andromeda on one of the computers seized during the anti-Avalanche operation and passed the details on to Europol.

Traffic from Andromeda-infected PCs has now been disrupted, with the authorities taking control of 1,500 malicious domains employed by the malware. Microsoft noted that these domains were contacted by over two million IP addresses in 223 countries and municipalities.
The Andromeda malware first appeared in September 2011 and was detected and blocked on over a million PCs last month. The code’s primary purpose was to harvest credentials, but the malware’s highly modular design allowed operators to add their own custom modules for things like web page content theft or spam campaigns.
Researchers at Microsoft and ESET spent 18 months following the Wauchos malware used to build the botnet to identify its command and control mechanisms. They then moved, with police help, to take control of the domains used to control the botnet, in the hope that it won’t be restarted.
“In the past, Wauchos has been the most detected malware family amongst ESET users, so when we were approached by Microsoft to take part in a joint disruption effort against it, to better protect our users and the general public at large, it was a no-brainer to agree,” said Jean-Ian Boutin, senior malware researcher at ESET.
“This particular threat has been around for several years now and it is constantly reinventing itself – which can make it hard to monitor. But by using ESET Threat Intelligence and by working collaboratively with Microsoft researchers, we have been able to keep track of changes in the malware’s behavior and consequently provide actionable data which has proven invaluable in these takedown efforts.”