The resurrection of the Mariposa botnet
Posted on 26.05.2011
When the news that Spanish police had arrested the three individuals suspected of running the Mariposa botnet was made public back in March 2010, it was generally thought that it might be the end of the line for one of the largest botnets on record.


The size of the botnet - almost 13 million compromised computers in over 190 countries - was due to the exceptional propagation ability of the Palevo worm variant used to infect and enslave the individual computers. It spread through P2P networks and via instant messages, and it copied itself to removable storage devices and network shares.

But, as we have learned from past experiences, a botnet is not completely destroyed until the last of its C&Cs is taken offline, and Mariposa's wasn't.

And now, according to Trend Micro researchers, the botnet is making a comeback.

They detected increased Palevo worm activity at the end of last year and checked with abuse.ch to see whether there were any active Mariposa C&C servers. It turns out there are 115.

"We checked out the variants that were causing the activity and found that although currently in-the-wild samples slightly differed from previous versions, their functions remained the same," say the researchers.

Palevo bots are mostly used for DDoS attacks and as downloaders for other malicious files, but can also have modules for monitoring and hijacking browsers and cookie stuffing.





