Polish CERT hits Virut botnet
Posted on 21 January 2013.
The Polish Research and Academic Computer Network (NASK), the national registry of the .pl domain and founder of CERT Polska, has announced on Friday that they took over 23 domains that served as C&C servers for the Virut botnet.

The botnet, recently used as a way for Waledac botmasters to recreate their own botnet which has been crippled in previous years by Microsoft, has been dealt a considerable blow.

"The scale of the phenomenon was massive: in 2012 for Poland alone, over 890 thousand unique IP addresses were reported to be infected by Virut," claims CERT Polska. "Since 2006, Virut has been one of the most disturbing threats active on the Internet. In late 2012 Symantec estimated the size of its botnet at 300,000 machines, while Kaspersky reported that Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time."

Among the domains the incident response team took over and sinkholed were also a few .pl domains previously used to host the Virut malware, its C&C IRC servers, and even Zeus and Palevo malware.

The Virut malware has, in the past, been mostly distributed via infected removable media and file sharing. But more recent version are capable of infecting HTML files, injecting an invisible iframe that would download Virut from a remote site, say the researchers.

Computers enslaved in the Virut botnet were used for spamming, DDoS attack, malware propagation, and similar malicious activities.


How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Sep 19th