Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    December 2014
    S M T W T F S
    « Nov    
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  
  • Email Subscription

  • About Us

    Last week, we talked about the Tequila botnet that was targeting Mexican users. Since our last post, there has been one big development—the botnet appears to have been taken down by the owners themselves.

    On Thursday (June 3, 2010), the botnet’s controllers sent out new instructions to all of the active bots. One of the effects of this was to stop all of the bots’ phishing attacks perhaps because our own post exposed all of the proxy servers and redirected the hosts used in those attacks.

    We were also able to find another botnet developed by the same person behind the Tequila botnet. This particular botnet, which we have called the Mariachi botnet, is not as feature rich as the Tequila botnet. It could be used to mount phishing attacks or to install software onto affected systems but those appear to have been its main capabilities.

    This Monday (June 7), however, both the Mariachi and Tequila botnets went offline after their command-and-control (C&C) servers were taken down. The Mariachi botnet’s C&C server appears to have been taken down by its hosting provider, Bluehost.

    Click

    Soon afterward, the Tequila botnet’s C&C server went offline as well.

    Click

    We have not seen any new activity out of either the Mariachi or the Tequila botnet since then although we are continuing to monitor the now-orphaned bots for any new activity.

    Once again, we express our thanks to Juan Castro of Trend Micro LAR for all the information he passed on about these botnets.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice