Pushdo Botnet Is Evolving, Evading Detection

New research finds that a variant of the Pushdo Trojan has continued to evolve and thrive, and can now counteract attempts to disrupt the botnet it has created. Security experts first spotted the Trojan, which hackers use to distribute spam and other malware, in 2007. Cutwail, the network’s spam-generating engine, is reportedly responsible for much of the world’s spam traffic. Security experts have tried to take down the Pushdo/Cutwail botnet four times during the last five years, according to PC World, but the disruption was only temporary. Security experts from vendors Damballa and Dell SecureWorks, as well as the Georgia Institute of Technology, say the latest variant of Pushdo uses domain-generation algorithms, which periodically generate multiple domain names that botnet controllers can use to contact zombie computers. The many new contact points make shutting down botnets difficult for security experts. They also cause problems for user security products designed to block malicious traffic. The Trojan also has zombies regularly query legitimate websites to camouflage their traffic to command-and-control servers. Damballa published its Pushdo findings online at <https://www.damballa.com/downloads/r_pubs/Damballa_mv20_case_study.pdf>. (PC World)(Infosecurity Magazine)(Damballa)

WordPress Botnet Continues Growing

A recent series of attacks against WordPress blogs is creating a growing botnet, according to security researchers. The attacks, which focus on individuals whose WordPress username is “admin,” attempt to crack the password used to sign into the blog by brute force. The botnet reportedly now consists of 90,000 or more computers. Security experts are concerned the botnet could continue growing and create a massive problem. The attacks reportedly started after WordPress began offering an optional two-step authentication login. Once a website is infected, it is equipped with a backdoor. This lets the hackers control the site remotely and make it part of the botnet. (BBC)(Matt Mullenweg)(Krebs on Security)
 
