The collaboration between Trend Micro, INTERPOL, Microsoft, Kaspersky Lab, and the Cyber Defense Institute resulted in a triumph for the security industry earlier this week: the takedown of the SIMDA botnet. Trend Micro provided information such as the IP addresses of the affiliated servers and statistical information about the malware used, which led to the disruption of…
Read MoreLast week it was reported that the Pushdo botnet, used to send spam using the Cutwail spamming module, was taken down, thanks to the efforts of several security researchers. Thirty command-and-control (C&C) servers of the Pushdo/Cutwail botnet were identified, almost 20 of which were taken down after their Internet hosting providers were notified. So far,…
Read MoreWhile takedowns and/or arrests slow down or severely damage cybercriminal operations, they could also pave the way for other threat actors to up their ante when it comes to their nefarious activities and “battle” it out to fill the void left by those who said operations were hampered. Regardless who emerges the victor, in the end, it’s still the users and organizations that fall victim to these attacks who lose.
Read MoreMultiple command-and-control (C&C) servers used by the DRIDEX botnet have been taken down by the Federal Bureau of Investigation (FBI), following the action taken by the National Crime Agency (NCA) in the UK.
US law enforcement officials obtained court orders that resulted in the seizure of multiple servers used by DRIDEX. This crippled the malware’s C&C network, which is used by the malware to send the stolen information to the cybercriminals and to download configuration files that include the list of targeted banks. Furthermore, charges have been made against Andrey Ghinkul, aka Andrei Ghincul and Smilex, the Moldovan administrator of the botnet.
Read MoreEarly December last year, Microsoft – in cooperation with certain law enforcement agencies – announced their takedown of the ZeroAccess operations. However, this also unexpectedly affected another well-known botnet, TDSS. TDSS and ZeroAccess ZeroAccess is one of the most notable botnets in the world, with its malware known for rootkit capability. This malware is typically downloaded…
Read More