2008
09.27

inurl:/pop/win.php – Cerca con Google I’m current researching about this kind of worm. I’ve catched it in many different kind of site (facebook included). It’s donwload a win32 exe (2060.exe) and a java .jar (Java.jar).

2008
09.24

U S tops list as source for botnet attacks: “The United States was the top source of distributed attack traffic, originating nearly three times as many attacks as second-place China, according to a recent study by security service provider SecureWorks Inc

The rest of the top 10 sources of attack traffic were:

* Brazil with 166,987.
* South Korea with 162,289 attempted attacks.
* Poland with 153,205.
* Japan with 142,346.
* Russia with 130,572.
* Taiwan with 124,997.
* Germany with 110,493.
* Canada with 107,483.”

2008
09.17

The Rock Phish gang – one of the net’s most notorious phishing outfits – has teamed up with another criminal heavyweight called Asprox in overhauling its network with state-of-the-art technology, according to researchers from RSA.

Over the past five months, Rock Phishers have painstakingly refurbished their infrastructure, introducing several sophisticated crimeware packages that get silently installed on the PCs of its victims. One of those programs makes infected machines part of a fast-flux botnet that adds reliability and resiliency to the Rock Phish network.

RSA researchers also noticed that a decrease in phishing attacks hosted on Rock Phishers’ old servers coincided with never-before-seen phishing attacks used on the Asprox botnet.

“It just shows that these guys know each other and are willing to provide services to each other,” said Joe Stewart, a researcher at SecureWorks who has spent years tracking Asprox and groups that use fast-flux botnets.

  blog it
Botnet
2008
09.17

clipped from blog.wired.com

Researchers Use Facebook App to Create Zombie Army – Update

Computer researchers built a tool that demonstrates how hackers could silently turn Facebook users into a powerful zombie army that can attack other websites or scout for vulnerable sites on the net.

Their demo attack was very simple and surprisingly effective. They created an application that displayed a new National Geographic photo daily on a user’s Facebook page — though the app was not approved of by National Geographic.

But in the background, the application is also downloading three large photos from a targeted site. But the user’s browser never displays the images. Any application with enough users will then act like a denial of service attack flooding the chosen website with requests for data. The user stops being a part of the attack after logging out, but joins again every time he returns.

Facebookfist
  blog it
2008
09.03

Zombie network explosion | The Register: “The number of compromised zombie PCs in botnet networks has quadrupled over the last three months, according to figures from the Shadowserver Foundation.”