Gameover gang uses Cutwail botnet to swell its own
Posted on 06.12.2012
The hackers behind the Gameover variant of the popular Zeus banking Trojan have rented the massive Cutwail botnet in order to send out millions of fake emails carrying the malware, warns Dell SecureWorks’ Counter Threat Unit.

The emails have been made to look like they were sent by one of many big U.S. banks, and try to trick unsuspecting users into thinking that the banks have begun using a secure way to exchange emails containing personal information.


The attached securemessage.pdf.zip carries a downloader that, once executed, installs the Gameover malware. And in order to make sure that it immediately gets to steal relevant login data, the email says that "first time users will need to register after opening the attachment."

According to Brett Stone-Gross, a senior security researcher with Dell SecureWorks, the campaign has already resulted in more than half a million infections.

These infected computers are then enslaved in a big peer-to-peer botnet with DDoS capabilities that are often used to mount attacks against banks in order to divert their attention from the money-stealing in progress.

Unfortunately, such a botnet is difficult to dismantle, as there is no central C&C server whose takedown would leave the bots orphaned: the bots communicate with, and receive configuration files from, each other.





