BitDefender has released an emergency update to protect against a potential pandemic caused by the emergence of a botnet self-development kit controllable via the popular social media service Twitter®. In order to create their custom bot, an attacker only has to launch the SDK, enter a Twitter username that would act as a command & control center and modify the resulting bot’s name and icon to suit their distribution method.

via Twitter®-Controlled Botnet SDK At Large – Malware City Blogs.

Nice report,take a look at the video below:

Twitter botnet


Cyber criminals are renting out their botnets for just £5.99 an hour, enabling unskilled crooks to launch DDoS attacks.


They found the herders used many of the typical advertising tools to attract people, from banner advertising to forum marketing, and then charged just under £45 for a full day of botnet attacks capable of taking down websites and applications.

via Cyber criminals charge just £6 for access to a botnet | IT PRO.


The latest in the string of “bulletproof” ISPs has been taken down on Friday after its upstream service provider DIGERNET has been disconnected. PROXIEZ-NET went down making its claims of being immune to shutdowns untrue. According to The Register just days before the shutdown PROXIEZ-NET found its way to the Spamhaus block list for “acting as a ZeuS botnet C&C or hosting binaries dropzones for the ZeuS botnet.”

via Zeus-friendly ISP taken down.


Bank thieves have rolled out a new weapon in their arsenal of tactics — telephony denial-of-service attacks that flood a victim’s phone with diversionary calls while the thieves drain the victim’s account of money.A Florida dentist lost $400,000 from his retirement account last year in this manner, and the FBI said the attacks are growing.

via Thieves Flood Victim’s Phone With Calls to Loot Bank Accounts | Threat Level | Wired.com.


In a quickswapping scheme, a cyber-crook will use sites such as eBay or Amazon to offer an expensive item at a cheap price, explained Mikko Hypponen, chief research officer at F-Secure. After a deal is reached, the scammer will make an enticing offer – they will agree to ship the item to the buyer and only accept payment after the person has checked it out.Next, the scammer will use credit card information he or she previously pilfered with malware such as Zeus to purchase the item and send it to the buyer. After the buyer sends the agreed payment via Western Union or WebMoney, the scammer disappears, leaving the person whose card was stolen with an illegal charge and the quickswapping buyer at risk of having the item confiscated by police as stolen merchandise.

via How Cyber-Crooks Turn Stolen Data into Money on eBay – Security from eWeek.