NASK the domain registrar that operates the “.pl” Polish top-level domain registry has seized multiple domains used for cyber crime activities by spreading Waledac malware distributed by the Virut botnet. According to Poland’s Computer Emergency Response Team, Virut was first detected in 2006 and became a serious threat with an estimated size of more than 300,000 compromised computers.
NASK said that on Thursday it began assuming control over 23 .pl domains that were being used to operate the Virut network. Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time.
They determined that botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails. The most recent take down effort was in December 2012. Unfortunately, the Virut botnet gang managed to get the malicious botnet domain names moved to a new registrar called home.pl quickly.
Symantec reported that with some 77,000 Waledac infected machines within the Virut botnet generating an average of 2,000 spam messages an hour for somewhere between 8 and 24 hours a day.
The Virut take down effort clearly illustrates the important and meaningful role registries and registrars can play in the fight against cyber crime in general. How long the shut-down of Virut will last this time is unknown.
Original post at –the hacker news
Thanks for reading. hope it might helped you.
Bangalore: Cyber attack – The whole new way to bring down enemies and is spreading like wildfire across the globe. Even though software products and websites are getting more secured against virus attacks, malware developers on the other hand are building much sophisticated weapons with high potential that can bypass the firewalls and perform functions you never imagined. The latest one is Flame- the most complex virus ever discovered.
Never think you are out of attackers reach. Everything in your network, essentially your system can go upside down one fine day. Files get deleted, PC slows down and even your system can turn itself into a base station for infecting other networks and systems. The below listed most powerful malwares of 2012 can do much more than that.
Kaspersky Lab’s latest report about the world’s most complex virus- Flame- shook the entire cyber world with its potential. The 20 MB virus is supposed to be product of a Government backed project due to its sophistication.
What It Does: Flame can sniff network traffic and has the ability to take screenshots, record conversations by microphones that are plugged in or embedded to the PC and send this information to the creator. Its complicated attack-toolkits and code is 20 times powerful than the existing viruses and is capable of replicating in a local network and removable media. The virus, which was operational since 2010, has been secretly collecting critical data.
Affected Systems: Flame was essentially targeted at some Middle Eastern countries including Iran and Israel has made its presence in around 1000 systems worldwide. But considering its potential, it can be one of the biggest viruses, the world has ever seen.
This is one of the most widely spread trojans in 2012. Among top virus detections of 2012, this virus covered 35.1 percent.
What It Does: This virus basically works like a destructive program. It gives access to a remote hacker by sing the software vulnerabilities. Once your system is affected, the virus works via a backdoor and carries out multiple tasks. Basically, the Trojan has the capability to make the computer completely useless by modifying system configuration data and other Windows registries.
This virus is more threatening than INF.Autorun, which has infected a lot of devices in recent years and made it to the top detections list.
3. Flashback Trojan
Apple Macs, which was considered secure than all its counterparts has faced the biggest attack from Flashback Trojan, a virus, which according to the latest report had infected more than 650,000 Macs worldwide.
What It Does: The virus was designed to disguise itself as an Adobe Flash Player installer, using Flash player logos. It uses a Java vulnerability to install itself. After installing Flashback, the malware originally sought user names and passwords that are stored on Macs.
Affected Systems: Even though Apple released a security update in April, many users still are susceptible. The latest count of infected systems stands at above 650,000.
Scrinject.b, a popular malware has recorded a global infection rate of 6.75 percent this year.
What It Does: The virus appears in the HTML web page as tags or scripts which automatically redirect users to the sites containing malicious virus. Once infected, it allows remote access to your computer and occupies precious system resource, trace your Internet habits to steal your personal information. The virus took top spot in Europe’s list replacing the INF.Autorun virus this year.
Original post at siliconindia
Thanks for reading. hope it might helped you.