Using newly registered domains with a very short lifespan to host malware websites is so last year. It would appear that these days such things are far more likely to be hosted on much older compromised web sites instead. Could this be down to a decline in domain tasting? The latest MessageLabs Intelligence [URL="http://www.messagelabs.com/intelligence.aspx"]report[/URL] appears to think so, suggesting that the previously widespread practise of cancelling a new domain registration within a few days 'cooling off' period has been in decline recently. Indeed, the Internet Corporation for Assigned Names and Numbers stated as much in June. The MessageLabs analysis of …

Member Avatar
Member Avatar
+1 forum 1

[ATTACH=RIGHT]21767[/ATTACH]An unnamed Asian company operating within what has been described as a 'high risk e-commerce industry' has been targeted by a botnet which launched a DDoS attack of unprecedented magnitude. According to Distributed Denial of Service mitigation experts Prolexic, which claims to have successfully combated the attack, the volume of this particular attack was nothing short of extraordinary. How so? Well, consider that most high-end border routers employed by your average ISP are capable of forwarding around 70,000 packets per second typically. Now consider that the volume of this DDoS attack using TCP SYN Floods and ICMP Floods reached 25 …

Member Avatar
Member Avatar
+0 forum 4

Hello, I want to create an application that can make selections from a webpage. I did an assignment for school and now I want to extend my program. The assignment was to parse a webpage and display the data. The webpage's exact URL was given to us. The URL was of the US-Canadian boarder crossings' delays. We basically had to parse the page and print the crossing nanme and the corosponding delay. I want to create a progarm that can go and select from a menu the crossing name and output the delay. Any ideas how? Thanks --drjay

Member Avatar
Member Avatar
+0 forum 2

A new botnet has been discovered which is not only targeting users of UK banks, but doing so in a new and worrying manner. Said to comprise of in excess of 100,000 infected machines, the Zeus 2 botnet is operated and controlled from Eastern Europe according to [URL="http://www.trusteer.com/company-overview"]secure browsing security provider Trusteer[/URL] which went public with its discovery today. [attach]16386[/attach][URL="http://www.daniweb.com/news/story261766.html"]Zeus botnets are sadly neither new or rare[/URL], however Amit Klein, Trusteer's Chief Technology Officer, reveals that this one is especially worrying as it doesn't just stop at harvesting user IDs and passwords but instead also looks for client side certificates …

Member Avatar
Member Avatar
+0 forum 2

Just because security holes and vulnerabilities get reported to software vendors doesn't mean they are actually patched. A new report from IBM's X-Force security team found that of all the software holes reported in the first half of this year, more than half are still unpatched. IBM's X-Force report is published twice per year and provides an in-depth look at software security from across the spectrum of developers. So far this year, the bug catchers are doing better than the bug squashers. More bugs are being reported, but more are going unpatched. In the first six months of 2010, 4,396 …

Member Avatar
Member Avatar
+0 forum 1

Stand up if you like paying your income tax. To all of you who have remained seated, which I will assume is indeed all of you, I have some more bad news: the bogus tax collectors want your money as well, and now they have botnets helping them. [attach]15770[/attach]According to a recent analysis by [URL="http://www.trusteer.com"]financial malware protection specialist Trusteer[/URL] of just one botnet, specific to the UK market, it was actively looking for [URL="https://online.hmrc.gov.uk"]login information for users of the HM Revenue & Customs[/URL] site where people can pay their income tax and VAT online. This botnet had details of more …

Member Avatar
+0 forum 0

Last year security vendors were warning that botnets were not only not dead, but bouncing back in a big way. One suggested that [URL="http://www.daniweb.com/news/post1080975.html"]botnets would become autonomous and intelligent[/URL], with each node containing inbuilt self-sufficient coding in order to coordinate and extend its own survival, during the course of 2010. Now we are nearly half way through the year, it seems that prediction was pretty much spot on. Certainly the [URL="http://www.fortiguard.com/report/roundup_april_2010.html"]latest Threatscape report[/URL] from Fortinet would suggest that botnets are alive and well, with multiple botnets showing a worrying level of high activity. While Gumblar remained in the No. 1 …

Member Avatar
Member Avatar
+2 forum 1

The latest MessageLabs spam index reveals that relative to its market share, any given Linux machine is five times more likely to be sending spam than any given Windows machine. But what are the facts behind those headline grabbing numbers and can Windows really get off the hook that easily? MessageLabs Intelligence Senior Analyst, Paul Wood has spoken out on the much discussed issue of spam being a Windows generated problem, noting that it is "more commonly sent from computers running Windows than from those running other operating systems" but adding "spam not identified as coming from botnets was seen …

Member Avatar
Member Avatar
+0 forum 5

I've seen a collection of articles about computer security breaches originating from China and would like to give a report from the ITYS Foundation. ITYS, for the unaware, is "I Told You So." I've discussed the use of Linux on the desktop for years, touting its security, stability, thousands of free software applications and feature-rich interfaces. I'm constantly told that Linux on the desktop is dead. I've even [URL="http://www.daniweb.com/news/story221561.html"]said[/URL] it myself after taking too many verbal lashings when touting Linux as a prospective desktop operating system. [URL="http://www.daniweb.com/news/story219001.html"]Novell[/URL] and [URL="http://www.daniweb.com/news/story220393.html"]RedHat[/URL] have both put the Linux Desktop out mind. So, I guess …

Member Avatar
Member Avatar
+0 forum 6

Botnets are bad for business, and that's the bottom line. The news that a botnet called Kneber has infected 75,000 computers including government and business machines has been spreading online. But while many, if not most, of these reports are claiming that Kneber is a new botnet the truth is that actually it is nothing of the sort. Not that the revelation that Kneber is actually just another Zeus variation will be of any comfort to those who have fallen victim to the thing, of course. Victims such as, according to security outfit NetWitness which first reported the outbreak, the …

Member Avatar
+0 forum 0

Thought that 2009 was [URL="http://www.daniweb.com/news/post975935.html"]the year that botnets died[/URL], well think again Batman, it was actually the year they bounced back. Compromised computers were responsible for distributing 83.4% of the 107 billion spam messages sent around the world, every single day, during 2009 according to a new Symantec report. Indeed, the [URL="http://www.messagelabs.com/Threat_Watch/Intelligence_Reports"]Symantec MessageLabs Intelligence 2009[/URL] report suggests that the shutdown of botnet hosting ISPs such as McColo towards the end of 2008 and Real Host in August this year didn't destroy the botnet threat but rather simply made those behind them re-evaluate and enhance command and control backup strategies so …

Member Avatar
Member Avatar
+3 forum 1

I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the [URL="http://www.daniweb.com/blogs/entry4339.html"]equally dangerous Gumblar[/URL]. According to the [URL="http://www.scansafe.com/gtr"]latest ScanSafe numbers[/URL], Gumblar was responsible for a whopping 29% of all the web malware blocks it saw during October. Gumblar, in case you were wondering, is the collective name for a family of website compromises which are particularly nasty. Using a variety of routes to infection, Gumblar …

Member Avatar
+0 forum 0

Botnets are, without any shadow of a doubt, one of the [URL="http://www.itpro.co.uk/blogs/daveyw/2009/09/30/death-taxes-and-botnets/"]biggest scourges[/URL] of IT security today. From sending spam to [URL="http://www.daniweb.com/news/story238033.html"]launching DDoS attacks[/URL] and distributing malware, botnets can be found [URL="http://www.daniweb.com/blogs/showentry.php?entryid=1021"]at the centre[/URL] of most of the security problems facing computer users right now. So wouldn't it be fun if you could take down, knock over and destroy a botnet? The good news is that it seems you can, with a little determination and a lot of inside knowledge. Researchers at the FireEye Malware Intelligence Lab have been working hard at gathering the necessary knowledge with regards to one …

Member Avatar
+2 forum 0

According to the latest McAfee Labs [URL="http://www.mcafee.com/us/local_content/reports/7315rpt_threat_1009.pdf"]Third Quarter Threats Report 2009[/URL] instances of Distributed Denial of Service attacks are growing in popularity. In the last quarter the McAfee Labs observed many new attacks demanding ransom money including those aimed at sports betting companies which were taken out of action during key sporting events to cause losses in the millions. Such attacks have not only been used to make money, but also silence political opinion. But perhaps the growth of DDoS as a service, whereby cybercriminals offer botnets capable of launching such attacks to the highest bidder is the biggest worry. …

Member Avatar
+0 forum 0

You probably call it Halloween, for myself and other pagans it is [URL="http://en.wikipedia.org/wiki/Samhain"]Samhain[/URL], but for the cyber-gangs it is phishing time. Seasonally-themed spam is on the up at this time of the year, Halloween related messages accounting for 0.5% of the daily spam traffic by volume in mid-October according to the latest [URL="http://www.messagelabs.com/intelligence.aspx"]Symantec MessageLabs Intelligence Report[/URL]. Currently, with the 'Witch's New Year' Sabbath itself coming this weekend, there are some 500 million emails circulating worldwide and the majority of the Halloween spam is originating from the [URL="http://www.itwire.com/content/view/19931/53/"]Rustock[/URL] and Donbot [URL="http://www.itwire.com/content/view/24603/1231/"]botnets[/URL]. Most of this would appear to be pointing towards pharmaceutical …

Member Avatar
+0 forum 0

Botnets are, without any doubt, a huge and growing problem. The technology news feeds are bursting to the seams with stories about them: how [URL="http://www.daniweb.com/blogs/entry2838.html"]botnets boost click-fraud rates[/URL], how [URL="http://www.daniweb.com/blogs/entry2838.html"]botnets control sex spam zombies[/URL], how the cyber-criminals are [URL="http://www.itwire.com/content/view/23383/1231/"]building the first mobile botnet[/URL] and even how some botnet builders are selling their wares [URL="http://www.daniweb.com/blogs/entry2826.html"]complete with guarantees[/URL] that they cannot be detected. However, one thing you do not expect to read about is the people behind the news stories, the reporters themselves, being involved in acquiring a botnet which hacks into the computers of some 22,000 people. Yet that is exactly …

Member Avatar
Member Avatar
+0 forum 1

What a difference a day makes. In the 12 hours following the take down of McColo Corp, a web hosting service that stands accused of being responsible for enabling as much as 75 percent of the world's email spam, the volume of said junk mail recorded by specialists at MessageLabs dropped to eight times less than average. The bad news is that levels started to rise again after that, an almost inevitable consequence of the free market economy that exists within the criminal underground. Knock one player off the top of the tree and others rise up to replace it. …

Member Avatar
+0 forum 0

It seems that botnet usage could have been behind an increase in the number of click fraud clicks cited in the latest [URL="http://clickforensics.com/Pages/click-fraud-index.asp"]Click Fraud Index[/URL] which monitors such things. Running for three years now, the index monitors and analyses data from more than 4000 online advertisers and advertising agencies. The Pay Per Click data is collected from online advertising campaigns, large and small, across all leading search engines. The latest report suggests that while the overall industry average click fraud rate was down 0.1 percent from last quarter to 16.2 percent. it was up from the 15.8 percent rate this …

Member Avatar
+0 forum 0

Security researchers within the Marshal TRACE Team have [URL="http://www.marshal.com/trace/traceitem.asp?article=714"]warned[/URL] that malicious spammers are using fake United Parcel Service invoices in order to deliver a malware payload. Always looking for a new and convincing hook to snare the unsuspecting user into downloading malicious components from the web, this new attack utilises the Pushdo botnet to distribute fake UPS invoices requiring printing in order to claim an 'undelivered' package from the local office. Of course, the attached executable file called 'ups_invoice.zip' which has an MS Word icon in an attempt to add authenticity is not an invoice at all but rather installs …

Member Avatar
+0 forum 0

Have you ever wondered exactly how a botnet works? A wotnet, you ask? A botnet, I say. You know, the thing that your computer might well be a part of, without your knowledge or approval, which is used to launch distributed denial of service attacks, send spam, distribute malware and above all else make the criminal gangs that control them lots and lots of money. Now are you ever so slightly curious as to how a botnet works, how it does the Borg thing and assimilates your computing resources, what damage it does, how much money it makes and how …

Member Avatar
+0 forum 0

How stupid do you have to be to get caught by spam email with the subject line of 'we caught you naked [your name] - check the video' is a question I have been asking myself today. Not because I have been caught naked, and if I had my only concern would have been for the poor soul subjected to the visual ordeal. Not even because I have received such a spam myself, at least not that I am aware of as my spam trap would have swallowed it whole and spat it out in bits before I knew about …

Member Avatar
Member Avatar
+0 forum 1

It is not often that a drunken discussion provides anything more than a hangover the following morning, but recently a bunch of IT security experts got talking while the beer was flowing and someone asked the question: what is the biggest threat on the IT landscape today? Everything from 'the user' at the obvious end through to 'Bill Gates' at the drunken bum end of the scale was suggested, but the undoubted winner which was revealed before we all passed out was the botnet. Think about it, botnets have all but taken over as the control centre of the exploits …

Member Avatar
+0 forum 0

Security researchers at [URL="http://www.sophos.com"]Sophos Labs[/URL] have revealed that nearly 70 percent of all Linux honeypot infections are caused by a single virus. Perhaps even more shocking, all things considered, is the fact that the virus in question, Linux/Rst-B, is actually six years old now. So concerned is Sophos at this identified trend that is has now made a specific tool available just to detect whether this one virus is present on your Linux based computer or server. The fact that Linux servers are of great interest to the cyber-criminal fraternity should come as no surprise, after all these are likely …

Member Avatar
+0 forum 0

The number crunchers at security specialists [URL="http://www.sophos.com"]Sophos[/URL] have published the figures revealing which bits of malware have been spreading the fastest during August. While the fact that infected spam attachments have dropped from one in 322 for the first six months of the year to one in every 1000 for August is interesting, it isn't as interesting as pointing a big hairy finger at those countries which host the most malware infected web pages. The weapon of choice for spreaders of malware continues to be spam that links to infected websites, as we have seen of late with the ever …

Member Avatar
Member Avatar
+0 forum 3

For the average user spam has always been an annoyance. For the average spammer it has always been about making money. For the criminal gangs that have muscled in on this lucrative industry during the last few years it is now about territory and control. Control, that is, of the botnets behind the malware distribution networks that they rent out to the spamming middle men to enable them to ply their trade in relative safety from the crippled arm of the law. Leading AV researchers at Kaspersky have now identified three criminal gangs which are participating in an increasingly desperate …

Member Avatar
Member Avatar
+0 forum 5

According to Symantec, 64% of small businesses have seen a surge in the volume of spam received during the previous six months. And it isn’t the only one: whether you talk to ISPs or security vendors, gateway mail filtering services or end users, the message is the same. Spam is on the up, and how. The most worrying thing is the how rather than the why, the latter being the good old Yankee Dollar as always. In the past it was bulk-emailers that caused the spam damage, plain and simple, but now the trend is towards a higher level of …

Member Avatar
+0 forum 0

The cost-per-click model for Google ads could soon be complimented by a cost-per-action one, if the testing for this click fraud busting technology proves successful. The concept is simple enough: advertisers would only get charged when a particular action is performed rather than simply clicking on the thing. Already a growing band of volunteers advertisers have been putting the system through its paces, with a positive reaction if my sources are to be believed. However, if it is so good at combating click fraud, why is Google not going to replace the current system outright? My sources tell me that …

Member Avatar
+0 forum 0

The End.